Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Simple Shopping Cart — Vulnerabilities & Security Advisories 14

All 14 CVE vulnerabilities found in Simple Shopping Cart, with AI-generated Chinese analysis, references, and POCs.

Vendor: mra13

CVE IDTitleCVSSSeverityPaused
CVE-2026-0552 Simple Shopping Cart <= 5.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpsc_display_product' Shortcode CWE-79 6.4 Medium2026-04-04
CVE-2025-14248 code-projects Simple Shopping Cart adminlogin.php sql injection CWE-89 7.3 High2025-12-08
CVE-2025-14247 code-projects Simple Shopping Cart additems.php sql injection CWE-89 6.3 Medium2025-12-08
CVE-2025-14246 code-projects Simple Shopping Cart settings.php sql injection CWE-89 6.3 Medium2025-12-08
CVE-2025-7609 code-projects Simple Shopping Cart register.php sql injection CWE-89 7.3 High2025-07-14
CVE-2025-7608 code-projects Simple Shopping Cart userlogin.php sql injection CWE-89 7.3 High2025-07-14
CVE-2025-7607 code-projects Simple Shopping Cart save_order.php sql injection CWE-89 7.3 High2025-07-14
CVE-2025-3889 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference via 'quantity' CWE-639 5.3 Medium2025-05-01
CVE-2025-3874 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference CWE-639 6.5 Medium2025-05-01
CVE-2025-3890 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CWE-79 6.4 Medium2025-05-01
CVE-2025-3530 WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Product Price Manipulation CWE-472 7.5 High2025-04-23
CVE-2025-3529 WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Information Exposure via file_url Parameter CWE-201 8.2 High2025-04-23
CVE-2024-12622 WordPress Simple Shopping Cart <= 5.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-12-24
CVE-2023-6497 WordPress Simple Shopping Cart <= 4.7.1 - Authenticated(Administrator+) Stored Cross-Site Scripting CWE-79 4.4 Medium2024-01-27

All 14 known CVE vulnerabilities affecting Simple Shopping Cart with full Chinese analysis, references, and POCs where available.