VYPR

E Commerce Plugin

by Instinct

CVEs (2)

  • CVE-2024-14015HigNov 24, 2025
    risk 0.46cvss 7.1epss 0.00

    The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

  • CVE-2008-6811May 18, 2009
    risk 0.04cvss epss 0.07

    Unrestricted file upload vulnerability in image_processing.php in the e-Commerce Plugin 3.4 and earlier for Wordpress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in…