Sunshinephotocart Sunshine Photo Cart — known CVE vulnerabilities
Every CVE whose affected-product data names Sunshinephotocart Sunshine Photo Cart, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2025-31084 — CVSS 9.8 (critical): Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Object Injection.This…
CVE-2025-5482 — CVSS 8.8 (high): The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation via…
CVE-2024-30194 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunshinephotocart Sunshine Photo Cart…
CVE-2024-43971 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunshinephotocart Sunshine Photo Cart…
CVE-2022-4301 — CVSS 6.1 (medium): The Sunshine Photo Cart WordPress plugin before 2.9.15 does not sanitise and escape a parameter before outputting it back in the page…
CVE-2024-30221 — CVSS 5.4 (medium): Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine…
CVE-2024-1294 — CVSS 5.3 (medium): The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress is vulnerable to Sensitive Information Exposure in…
CVE-2021-4415 — CVSS 4.3 (medium): The Sunshine Photo Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.28 This is…