Implecode: >> Ecommerce Product Catalog >> 3.3.9 Security Vulnerabilities
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress.This issue affects eCommerce Product Catalog Plugin for WordPress: from n/a through 3.3.26.
CVSS Score
5.3
EPSS Score
0.007
Published
2023-12-29
The eCommerce Product Catalog Plugin for WordPress plugin before 3.3.26 does not have CSRF checks in some of its admin pages, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as delete all products
CVSS Score
6.5
EPSS Score
0.001
Published
2023-12-04
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.26 versions.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-11-23