Skip to main content

Wp E Commerce

2 CVEs product

Monthly

CVE-2017-17780 MEDIUM POC PATCH This Month

The Clockwork SMS clockwork-test-message.php component has XSS via a crafted "to" parameter in a clockwork-test-message request to wp-admin/admin.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS WordPress PHP Booking Calendar Sms Clockwork Sms Notfications +6
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2012-5310 HIGH This Week

SQL injection vulnerability in the WP e-Commerce plugin before 3.8.7.6 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi Wp E Commerce
NVD
CVSS 2.0
7.5
EPSS
0.7%
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

The Clockwork SMS clockwork-test-message.php component has XSS via a crafted "to" parameter in a clockwork-test-message request to wp-admin/admin.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS WordPress PHP +8
NVD
EPSS 1% CVSS 7.5
HIGH This Week

SQL injection vulnerability in the WP e-Commerce plugin before 3.8.7.6 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi Wp E Commerce
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy