Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

sunshinephotocart — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting sunshinephotocart. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Sunshinephotocart is an e-commerce shopping cart solution designed for photographers to sell digital images and prints online. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, SQL injection, and privilege escalation vulnerabilities. The application's 17 recorded CVEs highlight consistent security flaws, particularly in input validation and access control. Notable incidents include multiple RCE vulnerabilities allowing attackers to execute arbitrary code on server systems, and persistent XSS issues enabling client-side script injection. These vulnerabilities often stem from insufficient sanitization of user inputs and inadequate protection against unauthorized access, posing significant risks to both store operators and their customers.

Top products by sunshinephotocart: Sunshine Photo Cart Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for Photographers
CVE IDTitleCVSSSeverityPublished
CVE-2026-39564 WordPress Sunshine Photo Cart plugin < 3.6.2 - Sensitive Data Exposure vulnerability — Sunshine Photo CartCWE-201 5.3 Medium2026-04-08
CVE-2025-67973 WordPress Sunshine Photo Cart plugin <= 3.5.6.2 - Broken Access Control vulnerability — Sunshine Photo CartCWE-862 6.5 Medium2026-02-20
CVE-2026-24994 WordPress Sunshine Photo Cart plugin <= 3.5.7.2 - Broken Access Control vulnerability — Sunshine Photo CartCWE-862 5.3 Medium2026-02-03
CVE-2025-68535 WordPress Sunshine Photo Cart plugin <= 3.5.7.1 - Broken Access Control vulnerability — Sunshine Photo CartCWE-862 4.3 Medium2025-12-24
CVE-2025-62892 WordPress Sunshine Photo Cart plugin <= 3.5.3 - Broken Access Control vulnerability — Sunshine Photo CartCWE-862 5.3 Medium2025-10-27
CVE-2025-5482 Sunshine Photo Cart <= 3.4.11 - Authenticated (Subscriber+) Privilege Escalation — Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for PhotographersCWE-620 8.8 High2025-06-04
CVE-2025-31084 WordPress Sunshine Photo Cart plugin <= 3.4.10 - PHP Object Injection Vulnerability — Sunshine Photo CartCWE-502 9.8 Critical2025-04-01
CVE-2024-49697 WordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerability — Sunshine Photo CartCWE-862 4.3 Medium2024-11-19
CVE-2024-47314 WordPress Sunshine Photo Cart plugin <= 3.2.8 - Broken Access Control vulnerability — Sunshine Photo CartCWE-862 7.1 High2024-11-01
CVE-2024-44038 WordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerability — Sunshine Photo CartCWE-862 5.3 Medium2024-11-01
CVE-2024-43136 WordPress Sunshine Photo Cart plugin <= 3.2.1 - Broken Access Control vulnerability — Sunshine Photo CartCWE-862 4.3 Medium2024-11-01
CVE-2024-50463 WordPress Sunshine Photo Cart plugin <= 3.2.9 - Open Redirection vulnerability — Sunshine Photo CartCWE-601 4.7 Medium2024-10-28
CVE-2024-43971 WordPress Sunshine Photo Cart plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability — Sunshine Photo CartCWE-79 7.1 High2024-09-17
CVE-2024-30221 WordPress Sunshine Photo Cart plugin <= 3.1.1 - PHP Object Injection vulnerability — Sunshine Photo CartCWE-502 5.4 Medium2024-03-28
CVE-2024-30194 WordPress Sunshine Photo Cart plugin <= 3.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Sunshine Photo CartCWE-79 7.1 High2024-03-27
CVE-2024-1294 Sunshine Photo Cart: Free Client Galleries for Photographers <= 3.0.24 - Unauthenticated Sensitive Information Exposure via Invoice — Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for PhotographersCWE-284 5.3 Medium2024-02-20
CVE-2021-4415 Sunshine Photo Cart <= 2.8.28 - Cross-Site Request Forgery Bypass — Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for PhotographersCWE-352 4.3 Medium2023-07-12

This page lists every published CVE security advisory associated with sunshinephotocart. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.