CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32558 – WordPress eCommerce Product Catalog plugin <= 3.3.32 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-32558
18 Apr 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog allows Reflected XSS.This issue affects eCommerce Product Catalog: from n/a through 3.3.32. La vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('cross-site Scripting') en impleCode eCommerce Product Catalog permite el XSS reflejado. Este problema afecta el catálogo de productos de comercio electrónico: desde n/a hasta 3.3.32.... • https://patchstack.com/database/vulnerability/ecommerce-product-catalog/wordpress-ecommerce-product-catalog-plugin-3-3-32-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32437 – WordPress eCommerce Product Catalog plugin <= 3.3.28 - Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-32437
12 Apr 2024 — Cross-Site Request Forgery (CSRF) vulnerability in impleCode eCommerce Product Catalog.This issue affects eCommerce Product Catalog: from n/a through 3.3.28. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en impleCode eCommerce Product Catalog. Este problema afecta al catálogo de productos de comercio electrónico: desde n/a hasta 3.3.28. The eCommerce Product Catalog plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.3.28. This is due to missing or inco... • https://patchstack.com/database/vulnerability/ecommerce-product-catalog/wordpress-ecommerce-product-catalog-plugin-3-3-28-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •