This page lists publicly disclosed CVE vulnerabilities affecting codepeople music_store (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-36082 | SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker. | [email protected] | 6.5 | 0.82% | 2024-06-07 | 2024-11-21 |
| CVE-2016-10992 | The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports from_year parameter. | [email protected] | 6.1 | 0.26% | 2019-09-17 | 2024-11-21 |