| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39564 | WordPress Sunshine Photo Cart plugin < 3.6.2 - Sensitive Data Exposure vulnerability | sunshinephotocart | Sunshine Photo Cart | - | - | 2026-04-08 08:30:19 | Deep Dive |
| CVE-2025-67973 | WordPress Sunshine Photo Cart plugin <= 3.5.6.2 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | Medium | 6.5 | 2026-02-20 15:46:29 | Deep Dive |
| CVE-2026-24994 | WordPress Sunshine Photo Cart plugin <= 3.5.7.2 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | - | - | 2026-02-03 14:08:37 | Deep Dive |
| CVE-2025-68535 | WordPress Sunshine Photo Cart plugin <= 3.5.7.1 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | Medium | 4.3 | 2025-12-24 12:31:27 | Deep Dive |
| CVE-2025-62892 | WordPress Sunshine Photo Cart plugin <= 3.5.3 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | Medium | 5.3 | 2025-10-27 01:33:47 | Deep Dive |
| CVE-2025-54081 | SunshineService Has Unquoted Service Path That Allows Local SYSTEM Code Execution | LizardByte | Sunshine | Medium | 6.7 | 2025-09-23 18:18:39 | Deep Dive |
| CVE-2025-10199 | A local privilege escalation vulnerability exists in LizardBytes' Sunshine for Windows | LizardByte | Sunshine for Windows | - | - | 2025-09-09 17:30:20 | Deep Dive |
| CVE-2025-10198 | LizardBytes Sunshine for Windows contains a DLL search-order hijacking vulnerability | LizardByte | Sunshine for Windows | - | - | 2025-09-09 17:28:15 | Deep Dive |
| CVE-2025-53095 | Sunshine application-wide CSRF in the UI leads to command injection as Administrator | LizardByte | Sunshine | Critical | 9.6 | 2025-07-01 01:33:22 | Deep Dive |
| CVE-2025-53096 | Sunshine clickjacking in the UI leads to unauthorized actions being performed | LizardByte | Sunshine | Medium | 5.4 | 2025-07-01 01:33:01 | Deep Dive |
| CVE-2025-5482 | Sunshine Photo Cart <= 3.4.11 - Authenticated (Subscriber+) Privilege Escalation | sunshinephotocart | Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for Photographers | High | 8.8 | 2025-06-04 07:21:45 | Deep Dive |
| CVE-2025-31084 | WordPress Sunshine Photo Cart plugin <= 3.4.10 - PHP Object Injection Vulnerability | sunshinephotocart | Sunshine Photo Cart | Critical | 9.8 | 2025-04-01 05:31:42 | Deep Dive |
| CVE-2024-51738 | Sunshine improperly enforces pairing protocol request order | LizardByte | Sunshine | 高危 | - | 2025-01-20 15:26:04 | Deep Dive |
| CVE-2022-45826 | WordPress Sunshine Photo Cart plugin <= 2.9.13 - Auth. Broken Access Control vulnerability | WP Sunshine | Sunshine Photo Cart | Medium | 5.4 | 2024-12-13 14:22:04 | Deep Dive |
| CVE-2024-49697 | WordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | Medium | 4.3 | 2024-11-19 16:30:39 | Deep Dive |
| CVE-2024-47314 | WordPress Sunshine Photo Cart plugin <= 3.2.8 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | High | 7.1 | 2024-11-01 14:18:44 | Deep Dive |
| CVE-2024-44038 | WordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | Medium | 5.3 | 2024-11-01 14:18:42 | Deep Dive |
| CVE-2024-43136 | WordPress Sunshine Photo Cart plugin <= 3.2.1 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | Medium | 4.3 | 2024-11-01 14:17:47 | Deep Dive |
| CVE-2024-50463 | WordPress Sunshine Photo Cart plugin <= 3.2.9 - Open Redirection vulnerability | sunshinephotocart | Sunshine Photo Cart | Medium | 4.7 | 2024-10-28 12:33:32 | Deep Dive |
| CVE-2024-43971 | WordPress Sunshine Photo Cart plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability | sunshinephotocart | Sunshine Photo Cart | High | 7.1 | 2024-09-17 23:32:00 | Deep Dive |