Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-36082 | 1 Codepeople | 1 Music Store | 2024-10-30 | N/A | 6.5 MEDIUM |
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker. | |||||
CVE-2016-10992 | 1 Codepeople | 1 Music Store | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter. |