Lightspeedhq Ecwid_ecommerce_shopping_cart
6 CVEs affecting Lightspeedhq Ecwid_ecommerce_shopping_cart. Latest disclosed: 2025-02-18. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-2432 | High | 8.8 | 2022-09-06 | The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.10.23. This is due to mi… |
CVE-2023-24408 | Medium | 6.5 | 2023-05-08 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.4 versions. |
CVE-2023-51533 | Medium | 5.4 | 2024-02-28 | Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart.This issue affects Ecwid Ecommerce Shopping Cart: from n/a thr… |
CVE-2023-24377 | Medium | 5.4 | 2023-02-14 | Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions. |
CVE-2024-13795 | Medium | 4.3 | 2025-02-18 | The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.12.27… |
CVE-2023-6292 | Medium | 4.3 | 2024-01-16 | The Ecwid Ecommerce Shopping Cart WordPress plugin before 6.12.5 does not have CSRF check in place when updating its settings, which could allow attackers to m… |