Vulnerabilities > Wpsc Plugin > Structured Content > 1.5.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-04 | CVE-2025-0512 | Cross-site Scripting vulnerability in Wpsc-Plugin Structured Content The Structured Content (JSON-LD) #wpsc plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sc_fs_local_business shortcode in all versions up to, and including, 6.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-02-05 | CVE-2024-24839 | Cross-site Scripting vulnerability in Wpsc-Plugin Structured Content Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.6.1. | 5.4 |
| 2023-12-19 | CVE-2023-49819 | Unspecified vulnerability in Wpsc-Plugin Structured Content Deserialization of Untrusted Data vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3. | 9.8 |
| 2023-12-14 | CVE-2023-49820 | Unspecified vulnerability in Wpsc-Plugin Structured Content Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue affects Structured Content (JSON-LD) #wpsc: from n/a through 1.5.3. | 5.4 |