GCVE - cpe:2.3:a:realmag777:wpcs:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:realmag777:wpcs:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Realmag777 (`367987aa-9884-5ea5-b6ea-639a360f4171`)
Product	Wpcs (`c513ab5b-4f68-5b0f-a7eb-9f534213d1dc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-42733`	vulnerable	2026-06-03 15:25:01.470838	WordPress WPCS plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability HIGH (7.1) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through <= 1.3.1. Published: 2026-05-27T09:49:04.144Z Updated: 2026-05-27T10:53:22.046Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/currency-switcher/vulnerability/wordpress-wpcs-plugin-1-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-38700`	vulnerable	2026-06-03 14:56:19.349478	WordPress WPCS – WordPress Currency Switcher Professional plugin <= 1.2.0.3 - Arbitrary Shortcode Execution vulnerability MEDIUM (6.5) Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in realmag777 WPCS allows Code Injection.This issue affects WPCS: from n/a through 1.2.0.3. Published: 2024-07-12T14:05:34.224Z Updated: 2026-04-28T16:10:04.788Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/currency-switcher/wordpress-wpcs-wordpress-currency-switcher-professional-plugin-1-2-0-3-arbitrary-shortcode-execution-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-30456`	vulnerable	2026-06-03 14:55:38.363003	WordPress WPCS – WordPress Currency Switcher Professional plugin <=1.2.0.1 - Cross Site Request Forgery (CSRF) vulnerability MEDIUM (4.3) Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1. Published: 2024-03-29T13:07:55.346Z Updated: 2026-04-28T16:09:24.404Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/currency-switcher/wordpress-wpcs-wordpress-currency-switcher-professional-plugin-1-2-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.