🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

TheCartPress eCommerce Shopping Cart

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > TheCartPress eCommerce Shopping Cart

Information

Software Type	Plugin
Software Slug	thecartpress (view on wordpress.org)
Software Status	Removed
Software Author	thecartpress
Software Website	thecartpress.com
Software Downloads	202,896
Software Active Installs	500
Software Record Last Updated	April 16, 2024

5 Vulnerabilities

TheCartPress eCommerce Shopping Cart <= 1.5.3.6 - Multiple Cross-Site Scripting

6.1

CVE-2015-3300

Apr 29, 2015

Researcher: High-Tech Bridge Security Research Lab

TheCartPress eCommerce Shopping Cart <= 1.5.3.6 - Sensitive Information Disclosure

7.5

CVE-2015-3302

Apr 29, 2015

Researcher: High-Tech Bridge Security Research Lab

TheCartPress eCommerce Shopping Cart <= 1.5.3.6 - Directory Traversal

4.9

CVE-2015-3301

Apr 29, 2015

Researcher: High-Tech Bridge Security Research Lab

TheCartPress eCommerce Shopping Cart <= 1.5.3.6 Cross-Site Request Forgery

8.8

CVE-2015-3986

Apr 8, 2015

Researcher: High-Tech Bridge Security Research Lab

TheCartPress eCommerce Shopping Cart <= 1.1.5 - Cross-Site Scripting

6.1

CVE-2011-5207

Dec 31, 2011

Researcher: 6Scan

Title	Status	CVE ID	CVSS	Researchers	Date
TheCartPress eCommerce Shopping Cart <= 1.5.3.6 - Multiple Cross-Site Scripting	Unpatched	CVE-2015-3300	6.1	High-Tech Bridge Security Research Lab	April 29, 2015
TheCartPress eCommerce Shopping Cart <= 1.5.3.6 - Sensitive Information Disclosure	Unpatched	CVE-2015-3302	7.5	High-Tech Bridge Security Research Lab	April 29, 2015
TheCartPress eCommerce Shopping Cart <= 1.5.3.6 - Directory Traversal	Unpatched	CVE-2015-3301	4.9	High-Tech Bridge Security Research Lab	April 29, 2015
TheCartPress eCommerce Shopping Cart <= 1.5.3.6 Cross-Site Request Forgery	Unpatched	CVE-2015-3986	8.8	High-Tech Bridge Security Research Lab	April 8, 2015
TheCartPress eCommerce Shopping Cart <= 1.1.5 - Cross-Site Scripting	Patched	CVE-2011-5207	6.1	6Scan	December 31, 2011

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation