Filtered by vendor Implecode
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-5979 | 1 Implecode | 1 Ecommerce Product Catalog | 2023-12-08 | N/A | 6.5 MEDIUM |
| The eCommerce Product Catalog Plugin for WordPress plugin before 3.3.26 does not have CSRF checks in some of its admin pages, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as delete all products | |||||
| CVE-2023-47839 | 1 Implecode | 1 Ecommerce Product Catalog | 2023-11-28 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.26 versions. | |||||
| CVE-2021-24894 | 1 Implecode | 1 Reviews Plus | 2022-07-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated user submit such rating and the reviews are set to be displayed on the post/page | |||||
| CVE-2021-24875 | 1 Implecode | 1 Ecommerce Product Catalog | 2021-11-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The eCommerce Product Catalog Plugin for WordPress plugin before 3.0.39 does not escape the ic-settings-search parameter before outputting it back in the page in an attribute, leading to a Reflected Cross-Site Scripting issue | |||||