VYPR

Ultimate Product Catalog

by Etoilewebdesign

CVEs (2)

  • CVE-2017-12199CriAug 2, 2017
    risk 0.64cvss 9.8epss 0.02

    The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogue_update_order list-item, video_update_order video-item, image_update_order list-item, tag_group_update_order list_item,…

  • CVE-2017-12200MedAug 2, 2017
    risk 0.40cvss 6.1epss 0.01

    The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XSS in the Add Product Manually component.