Vulnerabilities > Wpeasycart
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-09 | CVE-2023-2892 | Unspecified vulnerability in Wpeasycart WP Easycart The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. | 4.3 |
| 2023-06-09 | CVE-2023-2893 | Unspecified vulnerability in Wpeasycart WP Easycart The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. | 4.3 |
| 2023-06-09 | CVE-2023-2894 | Unspecified vulnerability in Wpeasycart WP Easycart The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. | 4.3 |
| 2023-06-09 | CVE-2023-2895 | Unspecified vulnerability in Wpeasycart WP Easycart The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. | 4.3 |
| 2023-06-09 | CVE-2023-2896 | Unspecified vulnerability in Wpeasycart WP Easycart The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. | 4.3 |
| 2023-06-09 | CVE-2023-2891 | Unspecified vulnerability in Wpeasycart WP Easycart The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. | 4.3 |
| 2023-04-03 | CVE-2023-1124 | Unspecified vulnerability in Wpeasycart WP Easycart The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks. | 7.2 |
| 2021-08-19 | CVE-2021-34645 | Cross-Site Request Forgery (CSRF) vulnerability in Wpeasycart Shopping Cart & Ecommerce Store The Shopping Cart & eCommerce Store WordPress plugin is vulnerable to Cross-Site Request Forgery via the save_currency_settings function found in the ~/admin/inc/wp_easycart_admin_initial_setup.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 5.1.0. | 8.8 |
| 2017-10-06 | CVE-2015-2673 | Permissions, Privileges, and Access Controls vulnerability in Wpeasycart WP Easycart The ec_ajax_update_option and ec_ajax_clear_all_taxrates functions in inc/admin/admin_ajax_functions.php in the WP EasyCart plugin 1.1.30 through 3.0.20 for WordPress allow remote attackers to gain administrator privileges and execute arbitrary code via the option_name and option_value parameters. | 8.8 |