Tipsandtricks-hq Wordpress Simple Paypal Shopping Cart — known CVE vulnerabilities
Every CVE whose affected-product data names Tipsandtricks-hq Wordpress Simple Paypal Shopping Cart, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2013-2705 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the WordPress Simple Paypal Shopping Cart plugin before 3.6 for WordPress allows remote…
CVE-2025-3874 — CVSS 6.5 (medium): The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and…
CVE-2025-3890 — CVSS 6.4 (medium): The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button'…
CVE-2022-4672 — CVSS 5.4 (medium): The WordPress Simple Shopping Cart WordPress plugin before 4.6.2 does not validate and escape some of its shortcode attributes before…
CVE-2023-1431 — CVSS 5.3 (medium): The WP Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.6.3…
CVE-2025-3889 — CVSS 5.3 (medium): The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and…
CVE-2023-6497 — CVSS 4.4 (medium): The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the automatic redirect URL setting…