Sunshinephotocart

Sunshine Photo Cart

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-44038

  • EPSS 1.09%
  • Veröffentlicht 01.11.2024 15:15:53
  • Zuletzt bearbeitet 01.04.2026 16:17:56

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9.

8.8

CVE-2024-43136

  • EPSS 0.54%
  • Veröffentlicht 01.11.2024 15:15:38
  • Zuletzt bearbeitet 01.04.2026 16:17:39

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.1.

6.1

CVE-2024-50463

  • EPSS 0.19%
  • Veröffentlicht 28.10.2024 13:15:04
  • Zuletzt bearbeitet 01.04.2026 16:19:08

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9.

6.1

CVE-2024-43971

  • EPSS 7.52%
  • Veröffentlicht 18.09.2024 00:15:06
  • Zuletzt bearbeitet 01.04.2026 16:17:46

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.5.

9.8

CVE-2024-30221

  • EPSS 0.74%
  • Veröffentlicht 28.03.2024 06:15:14
  • Zuletzt bearbeitet 01.04.2026 16:16:54

Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.1.1.

6.1

CVE-2024-30194

  • EPSS 8.15%
  • Veröffentlicht 27.03.2024 07:15:55
  • Zuletzt bearbeitet 01.04.2026 16:16:54

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.1.1.

5.3

CVE-2024-1294

  • EPSS 0.45%
  • Veröffentlicht 29.02.2024 01:43:47
  • Zuletzt bearbeitet 08.04.2026 19:20:36

The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.24 via the 'invoice'. This makes it possible for unauthenticated attackers...

6.5

CVE-2023-41796

  • EPSS 0.05%
  • Veröffentlicht 20.12.2023 14:15:20
  • Zuletzt bearbeitet 21.11.2024 08:21:42

Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Galleries for Photographers: from n/a before 3.0.0.

4.3

CVE-2021-4415

  • EPSS 0.14%
  • Veröffentlicht 12.07.2023 04:15:11
  • Zuletzt bearbeitet 08.04.2026 19:17:45

The Sunshine Photo Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.28 This is due to missing or incorrect nonce validation on the sunshine_products_quicksave_post() function. This makes it p...

8.8

CVE-2022-40692

  • EPSS 0.1%
  • Veröffentlicht 02.02.2023 21:22:38
  • Zuletzt bearbeitet 21.11.2024 07:21:51

Cross-Site Request Forgery (CSRF) vulnerability in WP Sunshine Sunshine Photo Cart plugin <= 2.9.13 versions.