WordPress Plugin Vulnerabilities

TheCartPress < 1.3.9.3 - Multiple Vulnerabilities

Description

The TheCartPress eCommerce Shopping Cart WordPress plugin was affected by a Multiple Vulnerabilities security vulnerability.

Affects Plugins

Plugin icon
thecartpress
Fixed in 1.3.9.3

References

CVE
CVE-2015-3301
CVE
CVE-2015-3300
CVE
CVE-2015-3302
CVE
CVE-2015-3300
CVE
CVE-2015-3986
Exploitdb
36860
URL
https://packetstormsecurity.com/files/#131673/
URL
https://github.com/espreto/wpsploit/blob/master/modules/auxiliary/scanner/http/wp_thecartpress_xss_scanner.rb
URL
https://www.immuniweb.com/advisory/HTB23254

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
e7da160a-7ab3-4e27-a9ca-1c084da2b351

Timeline

Publicly Published
2015-04-29 (about 11 years ago)
Added
2015-04-29 (about 11 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2021-07-02
Title
Workreap < 2.2.2 - Multiple CSRF + IDOR Vulnerabilities
Published
2015-01-12
Title
Banner Effect Header 1.2.6 - XSS & CSRF
Published
2019-07-02
Title
Insert or Embed Articulate Content into WordPress < 4.29991 - Authenticated Arbitrary Folder Deletion and Rename
Published
2014-08-01
Title
Mingle Forum <= 1.0.32.1 - Cross Site Scripting / SQL Injection
Published
2016-07-03
Title
Real3D FlipBook <= 2.8 - Multiple Vulnerabilities