Levelfourstorefront Shopping Cart & Ecommerce Store
11 CVEs affecting Levelfourstorefront Shopping Cart & Ecommerce Store. Latest disclosed: 2025-01-08. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-7827 | High | 8.8 | 2024-08-20 | The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to boolean-based SQL Injection via the ‘model_number’ parameter in all versions up to, a… |
CVE-2024-3211 | High | 8.8 | 2024-04-12 | The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to SQL Injection via the 'productid' attribute of the ec_addtocart shortcode in all vers… |
CVE-2023-3023 | High | 7.2 | 2023-07-12 | The WP EasyCart plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in versions up to, and including, 5.4.10 due to insu… |
CVE-2023-2892 | Medium | 6.5 | 2023-06-09 | The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect n… |
CVE-2023-2891 | Medium | 6.5 | 2023-06-09 | The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect n… |
CVE-2024-12712 | Medium | 5.3 | 2025-01-08 | The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the webhook fu… |
CVE-2024-4213 | Medium | 5.3 | 2024-05-14 | The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.4 via the or… |
CVE-2023-2896 | Medium | 4.3 | 2023-06-09 | The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect n… |
CVE-2023-2895 | Medium | 4.3 | 2023-06-09 | The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect n… |
CVE-2023-2894 | Medium | 4.3 | 2023-06-09 | The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect n… |
CVE-2023-2893 | Medium | 4.3 | 2023-06-09 | The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect n… |