Implecode Ecommerce Product Catalog — known CVE vulnerabilities
Every CVE whose affected-product data names Implecode Ecommerce Product Catalog, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2023-47839 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog…
CVE-2023-5979 — CVSS 6.5 (medium): The eCommerce Product Catalog Plugin for WordPress plugin before 3.3.26 does not have CSRF checks in some of its admin pages, which could…
CVE-2021-24875 — CVSS 6.1 (medium): The eCommerce Product Catalog Plugin for WordPress plugin before 3.0.39 does not escape the ic-settings-search parameter before outputting…
CVE-2023-51688 — CVSS 5.3 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress.This…
CVE-2023-1470 — CVSS 4.4 (medium): The eCommerce Product Catalog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via some of its settings parameters in…
CVE-2021-4393 — CVSS 4.3 (medium): The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and…
CVE-2021-4392 — CVSS 4.3 (medium): The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and…