Sunshinephotocart

Sunshine Photo Cart

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-43136

  • EPSS 0.37%
  • Veröffentlicht 01.11.2024 15:15:38
  • Zuletzt bearbeitet 04.04.2025 17:41:05

Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through 3.2.1.

6.1

CVE-2024-50463

  • EPSS 0.13%
  • Veröffentlicht 28.10.2024 13:15:04
  • Zuletzt bearbeitet 29.10.2024 16:25:01

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Sunshine Sunshine Photo Cart.This issue affects Sunshine Photo Cart: from n/a through 3.2.9.

6.1

CVE-2024-43971

  • EPSS 6.47%
  • Veröffentlicht 18.09.2024 00:15:06
  • Zuletzt bearbeitet 25.09.2024 14:18:13

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Sunshine Sunshine Photo Cart allows Reflected XSS.This issue affects Sunshine Photo Cart: from n/a through 3.2.5.

9.8

CVE-2024-30221

  • EPSS 0.51%
  • Veröffentlicht 28.03.2024 06:15:14
  • Zuletzt bearbeitet 08.04.2025 16:40:47

Deserialization of Untrusted Data vulnerability in WP Sunshine Sunshine Photo Cart.This issue affects Sunshine Photo Cart: from n/a through 3.1.1.

6.1

CVE-2024-30194

  • EPSS 5.48%
  • Veröffentlicht 27.03.2024 07:15:55
  • Zuletzt bearbeitet 08.04.2025 16:40:00

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Sunshine Sunshine Photo Cart allows Reflected XSS.This issue affects Sunshine Photo Cart: from n/a through 3.1.1.

5.3

CVE-2024-1294

  • EPSS 0.45%
  • Veröffentlicht 29.02.2024 01:43:47
  • Zuletzt bearbeitet 27.02.2025 22:03:40

The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.24 via the 'invoice'. This makes it possible for unauthenticated attackers...

6.5

CVE-2023-41796

  • EPSS 0.05%
  • Veröffentlicht 20.12.2023 14:15:20
  • Zuletzt bearbeitet 21.11.2024 08:21:42

Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Galleries for Photographers: from n/a before 3.0.0.

4.3

CVE-2021-4415

  • EPSS 0.11%
  • Veröffentlicht 12.07.2023 04:15:11
  • Zuletzt bearbeitet 21.11.2024 06:37:40

The Sunshine Photo Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.28 This is due to missing or incorrect nonce validation on the sunshine_products_quicksave_post() function. This makes it p...

8.8

CVE-2022-40692

  • EPSS 0.1%
  • Veröffentlicht 02.02.2023 21:22:38
  • Zuletzt bearbeitet 21.11.2024 07:21:51

Cross-Site Request Forgery (CSRF) vulnerability in WP Sunshine Sunshine Photo Cart plugin <= 2.9.13 versions.

6.1

CVE-2022-4301

Exploit
  • EPSS 14.6%
  • Veröffentlicht 09.01.2023 23:15:27
  • Zuletzt bearbeitet 09.04.2025 20:15:23

The Sunshine Photo Cart WordPress plugin before 2.9.15 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.