Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Wordpress Simple Shop Project Subscribe
Filtered by product Wordpress Simple Shop
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38340 1 Wordpress Simple Shop Project 1 Wordpress Simple Shop 2021-09-21 4.3 MEDIUM 6.1 MEDIUM
The Wordpress Simple Shop WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the update_row parameter found in the ~/includes/add_product.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2.