Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

mra13 — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting mra13. AI-powered Chinese analysis, POCs, and references for each vulnerability.

mra13 is a software component primarily used for authentication and session management in web applications. Historically, it has been associated with 17 CVEs, commonly involving remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The component's security posture has been compromised in several high-profile incidents, including unauthorized access to sensitive user data and complete system takeovers due to insecure default configurations. Security researchers have consistently identified flaws in its input validation and access control mechanisms, making it a frequent target in penetration testing engagements. Organizations using mra13 should prioritize applying security patches and implementing additional compensating controls.

Top products by mra13: Simple Shopping Cart Simple Download Monitor Compact WP Audio Player WP Express Checkout (Accept PayPal Payments Easily) Accept Stripe Payments Stripe Payments
CVE IDTitleCVSSSeverityPublished
CVE-2026-0552 Simple Shopping Cart <= 5.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpsc_display_product' Shortcode — Simple Shopping CartCWE-79 6.4 Medium2026-04-04
CVE-2026-2383 Simple Download Monitor <= 4.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field — Simple Download MonitorCWE-79 6.4 Medium2026-02-27
CVE-2025-8977 Simple Download Monitor <= 3.9.33 - Simple Download Monitor <= 3.9.33 – Authenticated (Contributor+) SQL Injection via order parameter in Log Export functionality — Simple Download MonitorCWE-89 6.5 Medium2025-08-28
CVE-2025-58197 WordPress Simple Download Monitor Plugin <= 3.9.34 - Cross Site Scripting (XSS) Vulnerability — Simple Download MonitorCWE-79 6.5 Medium2025-08-27
CVE-2025-3890 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Simple Shopping CartCWE-79 6.4 Medium2025-05-01
CVE-2025-3874 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference — Simple Shopping CartCWE-639 6.5 Medium2025-05-01
CVE-2025-3889 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference via 'quantity' — Simple Shopping CartCWE-639 5.3 Medium2025-05-01
CVE-2025-3530 WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Product Price Manipulation — Simple Shopping CartCWE-472 7.5 High2025-04-23
CVE-2025-3529 WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Information Exposure via file_url Parameter — Simple Shopping CartCWE-201 8.2 High2025-04-23
CVE-2025-24663 WordPress Simple Download Monitor plugin <= 3.9.25 - SQL Injection vulnerability — Simple Download MonitorCWE-89 7.6 High2025-01-24
CVE-2024-56279 WordPress Compact WP Audio Player plugin <= 1.9.14 - Server Side Request Forgery (SSRF) vulnerability — Compact WP Audio PlayerCWE-918 6.4 Medium2025-01-07
CVE-2024-12622 WordPress Simple Shopping Cart <= 5.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Simple Shopping CartCWE-79 6.4 Medium2024-12-24
CVE-2023-48286 WordPress Accept Stripe Payments plugin <= 2.0.79 - Broken Access Control vulnerability — Stripe PaymentsCWE-862 8.2 High2024-12-09
CVE-2024-10176 Compact WP Audio Player <= 1.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_embed_player Shortcode — Compact WP Audio PlayerCWE-79 6.4 Medium2024-10-24
CVE-2024-7353 Accept Stripe Payments <= 2.0.86 - Authenticated (Contributor+) Stored Cross-Site Scripting via accept_stripe_payment_ng Shortcode — Accept Stripe PaymentsCWE-79 5.4 Medium2024-08-07
CVE-2023-6497 WordPress Simple Shopping Cart <= 4.7.1 - Authenticated(Administrator+) Stored Cross-Site Scripting — Simple Shopping CartCWE-79 4.4 Medium2024-01-27
CVE-2023-1469 WordPress Plugin WP Express Checkout 跨站脚本漏洞 — WP Express Checkout (Accept PayPal Payments Easily) 4.4 Medium2023-03-17

This page lists every published CVE security advisory associated with mra13. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.