Mra13 Simple Shopping Cart
8 CVEs affecting Mra13 Simple Shopping Cart. Latest disclosed: 2026-04-04. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-3529 | High | 8.2 | 2025-04-23 | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.1.2 via the 'fi… |
CVE-2025-3530 | High | 7.5 | 2025-04-23 | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price manipulation in all versions up to, and including, 5.1.2. This is due to… |
CVE-2025-3874 | Medium | 6.5 | 2025-05-01 | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to la… |
CVE-2026-0552 | Medium | 6.4 | 2026-04-04 | The Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsc_display_product' shortcode in all versions up… |
CVE-2025-3890 | Medium | 6.4 | 2025-05-01 | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' shortcode in all version… |
CVE-2024-12622 | Medium | 6.4 | 2024-12-24 | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' and 'wp_cart_display_pro… |
CVE-2025-3889 | Medium | 5.3 | 2025-05-01 | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the '… |
CVE-2023-6497 | Medium | 4.4 | 2024-01-27 | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the automatic redirect URL setting in all versions up… |