VYPR

Ecwid by Lightspeed Ecommerce Shopping Cart

by Lightspeed

CVEs (1)

  • CVE-2024-13795Feb 18, 2025
    risk 0.00cvss epss 0.00

    The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.12.27. This is due to missing or incorrect nonce validation on the ecwid_deactivate_feedback() function. This makes it…