| Max CVSS | 5.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-3986 | 4.3 |
Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to hijack the authentication of administrators f
|
09-10-2018 - 19:57 | 14-05-2015 - 14:59 | |
| CVE-2015-3301 | 4.0 |
Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. (dot dot) in the tcp_box
|
09-10-2018 - 19:56 | 14-05-2015 - 14:59 | |
| CVE-2015-3302 | 5.0 |
The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to obtain sensitive order detail information by leveraging a "broken authentication mechanism."
|
09-10-2018 - 19:56 | 29-12-2017 - 22:29 | |
| CVE-2015-3300 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allow remote attackers to inject arbitrary web script or HTML via th
|
09-10-2018 - 19:56 | 14-05-2015 - 14:59 |