cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-6074,https://securityvulnerability.io/vulnerability/CVE-2024-6074,WP-Cart Plugin Vulnerable to Reflected Cross-Site Scripting,"The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin",Wordpress,WP Estore,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-07-15T06:15:00.000Z,0
CVE-2024-6072,https://securityvulnerability.io/vulnerability/CVE-2024-6072,iam_vuln_in_wp_cart_plugin,"The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers",Wordpress,WP Estore,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-07-15T06:15:00.000Z,0
CVE-2024-6073,https://securityvulnerability.io/vulnerability/CVE-2024-6073,WordPress Plugin Vulnerable to Reflected Cross-Site Scripting,"The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin",Wordpress,WP Estore,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-07-15T06:15:00.000Z,0
CVE-2024-6075,https://securityvulnerability.io/vulnerability/CVE-2024-6075,Unprotected CSRF Vulnerability in WP-Cart for Digital Products,"The wp-cart-for-digital-products plugin for WordPress, prior to version 8.5.5, is susceptible to Cross-Site Request Forgery (CSRF) vulnerabilities due to inadequate CSRF checks in certain functionalities. This flaw permits attackers to exploit logged-in users’ sessions to execute unauthorized actions, undermining the integrity and security of the affected WordPress sites. It is crucial for users of this plugin to update to the latest version to mitigate potential risks associated with this vulnerability.",Wordpress,WP Estore,8.8,HIGH,0.000750000006519258,false,,false,false,false,,false,false,2024-07-15T06:15:00.000Z,0