Skip to main content

Thecartpress Ecommerce Shopping Cart

4 CVEs product

Monthly

CVE-2015-3302 HIGH POC THREAT Act Now

The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to obtain sensitive order detail information by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 20.6%.

WordPress Authentication Bypass Thecartpress Ecommerce Shopping Cart
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
20.6%
CVE-2015-3986 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Path Traversal CSRF WordPress PHP Thecartpress Ecommerce Shopping Cart
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
1.6%
CVE-2015-3301 MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote administrators to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.4%.

Path Traversal WordPress PHP Thecartpress Ecommerce Shopping Cart
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
14.4%
CVE-2015-3300 MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allow remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP Thecartpress Ecommerce Shopping Cart
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
5.0%
EPSS 21% CVSS 7.5
HIGH POC THREAT Act Now

The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to obtain sensitive order detail information by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 20.6%.

WordPress Authentication Bypass Thecartpress Ecommerce Shopping Cart
NVD Exploit-DB
EPSS 2% CVSS 4.3
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Path Traversal CSRF WordPress +2
NVD Exploit-DB
EPSS 14% CVSS 4.0
MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote administrators to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.4%.

Path Traversal WordPress PHP +1
NVD Exploit-DB
EPSS 5% CVSS 4.3
MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allow remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy