Isshue Multi Store Ecommerce Shopping Cart Solution
Approved changes feed: RSS · Atom
cpe:2.3:a:codecanyon:isshue_multi_store_ecommerce_shopping_cart_solution:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Codecanyon (a6a90f23-b98d-5184-9eae-192ed15afa35) |
|---|---|
| Product | Isshue Multi Store Ecommerce Shopping Cart Solution (ef3a96d4-8d67-562b-b7da-60de21828c39) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-13239 |
vulnerable | 2026-06-03 14:58:45.751413 |
Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution submit_checkout behavioral workflow
MEDIUM (4.3)
A security vulnerability has been detected in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution 5. Affected by this issue is some unknown functionality of the file /submit_checkout. Such manipulation of the argument order_total_amount/cart_total_amount leads to enforcement of behavioral workflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-11-16T06:02:05.740Z
Updated: 2025-11-17T17:09:17.858Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13186 |
vulnerable | 2026-06-03 14:58:45.676511 |
Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution manage_customer cross site scripting
LOW (2.4)
A weakness has been identified in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution up to 4.0. This impacts an unknown function of the file /dashboard/Ccustomer/manage_customer. This manipulation of the argument Search causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-11-14T21:32:05.698Z
Updated: 2025-11-17T20:41:49.637Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.