Vulnerabilities (CVE)

Filtered by vendor Codepeople Subscribe
Filtered by product Music Store
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-36082 1 Codepeople 1 Music Store 2024-10-30 N/A 6.5 MEDIUM
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker.
CVE-2016-10992 1 Codepeople 1 Music Store 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter.