CVE-2025-5482

< 3.4.12

The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation

8.8HIGH

CVE-2025-31084

< 3.4.11

Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Object Injecti

9.8CRITICAL

CVE-2022-45826

< 2.9.14

Missing Authorization vulnerability in WP Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Sec

5.4MEDIUM

CVE-2024-49697

< 3.2.10

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Con

4.3MEDIUM

CVE-2024-47314

< 3.2.9

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Con

7.1HIGH

CVE-2024-44038

< 3.2.10

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Con

5.3MEDIUM

CVE-2024-43136

< 3.2.2

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo

4.3MEDIUM

CVE-2024-50463

< 3.2.11

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.Thi

4.7MEDIUM

CVE-2024-43971

< 3.2.6

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunshinephotocart Sunshine P

7.1HIGH

CVE-2024-30221

< 3.1.2

Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Su

5.4MEDIUM

CVE-2024-30194

< 3.1.2

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sunshinephotocart Sunshine P

7.1HIGH

CVE-2024-1294

< 3.1

The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress is vulnerable to Sensitive Information Expos

5.3MEDIUM

CVE-2023-41796

< 3.0

Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Photo Cart: Free Client Galleries for Photo

5.3MEDIUM

CVE-2021-4415

<= 2.8.28

The Sunshine Photo Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.28

4.3MEDIUM

CVE-2022-40692

< 2.9.14

Cross-Site Request Forgery (CSRF) vulnerability in WP Sunshine Photo Cart plugin <= 2.9.13 versions.

5.4MEDIUM

CVE-2022-4301

< 2.9.15

The Sunshine Photo Cart WordPress plugin before 2.9.15 does not sanitise and escape a parameter before outputting it back in the p

6.1MEDIUM