VYPR
Get started
← All vendors
Vendor

Sunshinephotocart

Sign in to watch
Products
1
CVEs
14
Across products
14
Status
Private

Products

1

Recent CVEs

14
CVESevRiskCVSSEPSSKEVPublishedDescription
CVE-2025-31084Cri0.649.80.00Apr 1, 2025Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Object Injection.This issue affects Sunshine Photo Cart: from n/a through <= 3.4.10.
CVE-2024-30194Hig0.487.10.19Mar 27, 2024Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.1.1.
CVE-2024-43971Hig0.477.10.10Sep 18, 2024Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.5.
CVE-2024-47314Hig0.467.10.01Nov 1, 2024Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.8.
CVE-2024-30221Med0.355.40.01Mar 28, 2024Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.1.1.
CVE-2022-40692Med0.355.40.00Feb 2, 2023Cross-Site Request Forgery (CSRF) vulnerability in WP Sunshine Sunshine Photo Cart plugin <= 2.9.13 versions.
CVE-2024-44038Med0.345.30.01Nov 1, 2024Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9.
CVE-2024-1294Med0.345.30.00Feb 29, 2024The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.24 via the 'invoice'. This makes it possible for unauthenticated attackers to extract sensitive data including customer email and physical addresses.
CVE-2023-41796Med0.345.30.00Dec 20, 2023Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Galleries for Photographers: from n/a before 3.0.0.
CVE-2024-50463Med0.314.70.00Oct 28, 2024URL Redirection to Untrusted Site ('Open Redirect') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9.
CVE-2024-49697Med0.284.30.00Nov 19, 2024Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9.
CVE-2024-43136Med0.284.30.01Nov 1, 2024Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.1.
CVE-2021-4415Med0.284.30.00Jul 12, 2023The Sunshine Photo Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.28 This is due to missing or incorrect nonce validation on the sunshine_products_quicksave_post() function. This makes it possible for unauthenticated attackers to save custom post data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVE-2022-458260.000.00Dec 13, 2024Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through 2.9.13.