Tipsandtricks-hq Wp_estore

8 CVEs affecting Tipsandtricks-hq Wp_estore. Latest disclosed: 2024-08-12. Critical: 0, High: 1.

Top CVEs affecting Tipsandtricks-hq Wp_estore
CVESeverityScorePublishedSummary
CVE-2024-6075High8.82024-07-15The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some places, which could allow attackers to make logged in users pe…
CVE-2024-6133Medium6.52024-08-12The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Ref…
CVE-2024-6076Medium6.12024-07-15The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Ref…
CVE-2024-6074Medium6.12024-07-15The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Ref…
CVE-2024-6073Medium6.12024-07-15The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Ref…
CVE-2024-6072Medium6.12024-07-15The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute…
CVE-2024-6136Medium5.42024-08-12The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not have CSRF checks in some places, which could allow attackers to make logged in users pe…
CVE-2024-6134Medium5.42024-08-12The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Ref…