Carts.guru: Security Vulnerabilities
Carts Guru cartsguru up to v2.4.2 was discovered to contain a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::display().
CVSS Score
9.8
EPSS Score
0.001
Published
2023-09-15
The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php.
CVSS Score
9.8
EPSS Score
0.008
Published
2019-05-20