Inspireui Mstore Api – Create Native Android & Ios Apps On The Cloud
21 CVEs affecting Inspireui Mstore Api – Create Native Android & Ios Apps On The Cloud. Latest disclosed: 2026-04-09. Critical: 7, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6328 | Critical | 9.8 | 2024-07-12 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including… |
CVE-2023-3277 | Critical | 9.8 | 2023-11-03 | The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to impro… |
CVE-2023-3197 | Critical | 9.8 | 2023-06-24 | The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0.1 due to… |
CVE-2020-36713 | Critical | 9.8 | 2023-06-07 | The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.1.5. This is due to unrestricted access to the '… |
CVE-2023-2732 | Critical | 9.8 | 2023-05-25 | The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on… |
CVE-2023-2733 | Critical | 9.8 | 2023-05-25 | The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to insufficient verification on… |
CVE-2023-2734 | Critical | 9.8 | 2023-05-25 | The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.1. This is due to insufficient verification on… |
CVE-2024-7628 | High | 8.1 | 2024-08-15 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 4… |
CVE-2024-8269 | High | 7.3 | 2024-09-13 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and… |
CVE-2025-3438 | Medium | 6.5 | 2025-05-02 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and in… |
CVE-2024-11179 | Medium | 6.5 | 2024-11-20 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to SQL Injection via the 'status_type' parameter in all versi… |
CVE-2024-12042 | Medium | 5.4 | 2024-12-13 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the profile picture upload… |
CVE-2026-3568 | Medium | 4.3 | 2026-04-09 | The MStore API plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.18.3. This is due to the update_… |
CVE-2025-4683 | Medium | 4.3 | 2025-05-27 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capabil… |
CVE-2024-8242 | Medium | 4.3 | 2024-09-13 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation… |
CVE-2023-3202 | Medium | 4.3 | 2023-07-12 | The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_firebase_server_key functi… |
CVE-2023-3199 | Medium | 4.3 | 2023-07-12 | The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_status_order_title functio… |
CVE-2023-3201 | Medium | 4.3 | 2023-06-14 | The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_title function… |
CVE-2023-3198 | Medium | 4.3 | 2023-06-14 | The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_status_order_message funct… |
CVE-2023-3200 | Medium | 4.3 | 2023-06-14 | The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_message function… |