VYPR

Music Store

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-24626HigJan 27, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Music Store music-store allows Reflected XSS.This issue affects Music Store: from n/a through <= 1.1.19.

  • CVE-2024-36082MedJun 7, 2024
    risk 0.42cvss 6.5epss 0.01

    SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker.

  • CVE-2016-10992MedSep 17, 2019
    risk 0.40cvss 6.1epss 0.02

    The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter.