Browse all 3 CVE security advisories affecting WP EasyCart. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WP EasyCart serves as an e-commerce solution for WordPress websites, enabling online sales management. Historically, the plugin has been susceptible to multiple security vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. These issues often stem from insufficient input validation and improper access controls. With three CVEs currently on record, WP EasyCart has faced persistent security challenges that could allow attackers to compromise websites, steal customer data, or gain unauthorized administrative access. The plugin's security track record highlights the importance of regular updates and careful implementation for users handling sensitive e-commerce operations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-35667 | WordPress Shopping Cart & eCommerce Store plugin <= 5.5.19 - Broken Access Control vulnerability — WP EasyCartCWE-862 | 5.3 | Medium | 2024-06-11 |
| CVE-2024-32452 | WordPress Shopping Cart & eCommerce Store plugin <= 5.5.19 - Cross Site Request Forgery (CSRF) vulnerability — WP EasyCartCWE-352 | 5.4 | Medium | 2024-04-15 |
| CVE-2021-34645 | Shopping Cart & eCommerce Store <= 5.1.0 Cross-Site Request Forgery to Stored Cross-Site Scripting — Shopping Cart & eCommerce StoreCWE-352 | 8.8 | High | 2021-08-19 |
This page lists every published CVE security advisory associated with WP EasyCart. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.