| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-24580 | WordPress Ecwid Shopping Cart plugin <= 7.0.5 - Broken Access Control vulnerability | Ecwid by Lightspeed Ecommerce Shopping Cart | Ecwid Shopping Cart | Medium | 4.3 | 2026-01-23 14:28:59 | Deep Dive |
| CVE-2026-24526 | WordPress Email Inquiry & Cart Options for WooCommerce plugin <= 3.4.3 - Cross Site Scripting (XSS) vulnerability | Steve Truman | Email Inquiry & Cart Options for WooCommerce | Medium | 6.5 | 2026-01-23 14:28:49 | Deep Dive |
| CVE-2025-67684 | Remote Code Execution via Local File Inclusion in Quick.Cart | OpenSolution | Quick.Cart | - | - | 2026-01-22 11:57:29 | Deep Dive |
| CVE-2025-67683 | Reflected XSS in Quick.Cart | OpenSolution | Quick.Cart | - | - | 2026-01-22 11:57:24 | Deep Dive |
| CVE-2021-47769 | Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS) | Bdtask | Isshue Shopping Cart | Medium | 4.8 | 2026-01-15 15:52:11 | Deep Dive |
| CVE-2025-68535 | WordPress Sunshine Photo Cart plugin <= 3.5.7.1 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | Medium | 4.3 | 2025-12-24 12:31:27 | Deep Dive |
| CVE-2025-64222 | WordPress WooCommerce Recover Abandoned Cart plugin <= 24.6.0 - Arbitrary Content Deletion vulnerability | FantasticPlugins | WooCommerce Recover Abandoned Cart | High | 7.5 | 2025-12-18 07:22:13 | Deep Dive |
| CVE-2024-58304 | SPA-CART CMS 1.9.0.3 Stored Cross-Site Scripting | SPA-Cart | SPA-CART CMS | High | 7.5 | 2025-12-11 21:40:42 | Deep Dive |
| CVE-2025-14248 | code-projects Simple Shopping Cart adminlogin.php sql injection | code-projects | Simple Shopping Cart | High | 7.3 | 2025-12-08 14:32:08 | Deep Dive |
| CVE-2025-14247 | code-projects Simple Shopping Cart additems.php sql injection | code-projects | Simple Shopping Cart | Medium | 6.3 | 2025-12-08 14:02:10 | Deep Dive |
| CVE-2025-14246 | code-projects Simple Shopping Cart settings.php sql injection | code-projects | Simple Shopping Cart | Medium | 6.3 | 2025-12-08 13:32:05 | Deep Dive |
| CVE-2025-66109 | WordPress Cart Weight for WooCommerce plugin <= 1.9.11 - Broken Access Control vulnerability | Octolize Shipping Plugins | Cart Weight for WooCommerce | Medium | 5.3 | 2025-11-21 12:30:05 | Deep Dive |
| CVE-2025-13239 | Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution submit_checkout behavioral workflow | Bdtask | Isshue Multi Store eCommerce Shopping Cart Solution | Medium | 4.3 | 2025-11-16 06:02:06 | Deep Dive |
| CVE-2025-13186 | Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution manage_customer cross site scripting | Bdtask | Isshue Multi Store eCommerce Shopping Cart Solution | Low | 2.4 | 2025-11-14 21:32:06 | Deep Dive |
| CVE-2025-10317 | Multiple Cross-Site Request Forgery in Quick.Cart | OpenSolution | Quick.Cart | - | - | 2025-10-30 11:48:44 | Deep Dive |
| CVE-2025-62892 | WordPress Sunshine Photo Cart plugin <= 3.5.3 - Broken Access Control vulnerability | sunshinephotocart | Sunshine Photo Cart | Medium | 5.3 | 2025-10-27 01:33:47 | Deep Dive |
| CVE-2025-60171 | WordPress Conditional Cart Messages for WooCommerce – YourPlugins.com Plugin <= 1.2.10 - Cross Site Request Forgery (CSRF) Vulnerability | yourplugins | Conditional Cart Messages for WooCommerce – YourPlugins.com | High | 7.1 | 2025-09-26 08:32:07 | Deep Dive |
| CVE-2024-13342 | Booster for WooCommerce <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload | pluggabl | Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools | High | 8.1 | 2025-08-29 10:54:02 | Deep Dive |
| CVE-2025-7609 | code-projects Simple Shopping Cart register.php sql injection | code-projects | Simple Shopping Cart | High | 7.3 | 2025-07-14 13:44:06 | Deep Dive |
| CVE-2025-7608 | code-projects Simple Shopping Cart userlogin.php sql injection | code-projects | Simple Shopping Cart | High | 7.3 | 2025-07-14 13:32:06 | Deep Dive |