Vulnerabilities (CVE)

Filtered by vendor Shoppagewp Subscribe
Filtered by product Shop Page Wp
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-24811 1 Shoppagewp 1 Shop Page Wp 2024-02-28 3.5 LOW 4.8 MEDIUM
The Shop Page WP WordPress plugin before 1.2.8 does not sanitise and escape some of the Product fields, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.