Wordpress Simple Shop Project - Wordpress Simple Shop CVE

Filtered by vendor Wordpress Simple Shop Project Subscribe

Filtered by product Wordpress Simple Shop

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-38340	1 Wordpress Simple Shop Project	1 Wordpress Simple Shop	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
The Wordpress Simple Shop WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the update_row parameter found in the ~/includes/add_product.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2.

Vulnerabilities (CVE)