VYPR

Virtuemart

by WordPress

CVEs (2)

  • CVE-2023-54362MedApr 9, 2026
    risk 0.40cvss 6.1epss 0.00

    Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft malicious URLs containing script payloads in the keyword parameter of the…

  • CVE-2018-7465MedApr 26, 2018
    risk 0.38cvss 5.4epss 0.02

    An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the backend of the plugin can be closed by simply adding to the value and saving the product/config. By editing back the product/config, the editor's browser will execute everything after…