Home/Product/inspireui mstore api
Product

inspireui mstore api

28 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-4683
< 4.17.6
The MStore API - Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized modification of
4.3MEDIUM
 CVE-2025-3438
< 4.17.5
The MStore API - Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to limited privilege escalation
6.5MEDIUM
 CVE-2024-12042
< 4.16.5
The MStore API - Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting v
5.4MEDIUM
 CVE-2024-11179
< 4.15.8
The MStore API - Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to SQL Injection via the 'status
6.5MEDIUM
 CVE-2024-8269
< 4.15.4
The MStore API - Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized user registratio
7.3HIGH
 CVE-2024-8242
< 4.15.4
The MStore API - Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to arbitrary file uploads due to
4.3MEDIUM
 CVE-2024-7628
< 4.15.3
The MStore API - Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in vers
8.1HIGH
 CVE-2024-6328
< 4.15.0
The MStore API - Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in all
9.8CRITICAL
 CVE-2023-50878
<= 4.10.1
Cross-Site Request Forgery (CSRF) vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1.
5.4MEDIUM
 CVE-2023-45055
< 4.0.7
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InspireUI MStore API allows
8.5HIGH
 CVE-2023-3277
<= 4.10.7
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and i
9.8CRITICAL
 CVE-2023-3202
<= 3.9.6
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_upda
4.3MEDIUM
 CVE-2023-3199
<= 3.9.6
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_upda
4.3MEDIUM
 CVE-2023-3209
< 3.9.7
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce chec
3.5LOW
 CVE-2023-3131
< 3.9.7
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce chec
4.3MEDIUM
 CVE-2023-3077
< 3.9.8
The MStore API WordPress plugin before 3.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading
9.8CRITICAL
 CVE-2023-3076
< 3.9.9
The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user accounts with the role of their choice v
9.8CRITICAL
 CVE-2023-3197
<= 4.0.1
The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to,
9.8CRITICAL
 CVE-2022-47614
<= 3.9.7
Unauth. SQL Injection (SQLi) vulnerability in InspireUI MStore API plugin <= 3.9.7 versions.
7.5HIGH
 CVE-2023-3203
<= 3.9.6
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_upda
4.3MEDIUM
 CVE-2023-3201
<= 3.9.6
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_upda
4.3MEDIUM
 CVE-2023-3200
<= 3.9.6
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_upda
4.3MEDIUM
 CVE-2023-3198
<= 3.9.6
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_upda
4.3MEDIUM
 CVE-2020-36713
<= 2.1.5
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.1.5. This is due to
9.8CRITICAL
 CVE-2023-2734
<= 3.9.1
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.1. This is due to
9.8CRITICAL
 CVE-2023-2733
<= 3.9.0
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.0. This is due to
9.8CRITICAL
 CVE-2023-2732
<= 3.9.2
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to
9.8CRITICAL
 CVE-2021-24148
< 3.2.0
A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With A
9.8CRITICAL
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh