Codepeople: >> Music Store Security Vulnerabilities
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-06-07
The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-09-17