
cpe:2.3:a:craftcms:craft_commerce:*:*:*:*:*:craft_cms:*:*

part: a, version: *, update: *

Vendor: Craftcms (251e238f-ce53-56ed-bc94-804b74356686)
Product: Craft Commerce (60223840-e262-5a89-98ad-e3b7039bf742)
Edition: *
Language: *
Software edition: *
Target software: craft_cms
Target hardware: *
Other: *
Notes: Imported from gcve-enriched-dumps CVE data

PURL mappings

Columns: PURL, Source, Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Columns: Identifier, CPE applicability, Submitted, db.gcve.eu details, Rationale
CVE-2026-31867 (vulnerable; submitted 2026-06-08 07:57:16.017578)
Title: Craft Commerce has a Potential IDOR in Commerce carts
Description: Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.11.0 and 5.6.0, an Insecure Direct Object Reference (IDOR) vulnerability exists in Craft Commerce’s cart functionality that allows users to hijack any shopping cart by knowing or guessing its 32-character number. The CartController accepts a user-supplied number parameter to load and modify shopping carts. No ownership validation is performed: the code only checks whether the order exists and is incomplete, not whether the requester is authorized to access it. This vulnerability enables the takeover of shopping sessions and potential exposure of PII. This vulnerability is fixed in 4.11.0 and 5.6.0.
Published: 2026-03-11T17:52:18.298Z
Updated: 2026-03-12T13:49:48.940Z
Rationale: Imported from gcve-enriched-dumps CVE data
CVE-2026-29177 (vulnerable; submitted 2026-06-08 07:55:16.179252)
Title: Craft Commerce has Stored XSS in Craft Commerce Order Details Slideout
Description: Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.10.2 and 5.5.3, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Craft Commerce Order details. Malicious JavaScript can be injected via the Shipping Method Name, Order Reference, or Site Name. When a user opens the order details slideout via a double-click on the order index page, the injected payload executes. This vulnerability is fixed in 4.10.2 and 5.5.3.
Published: 2026-03-10T20:01:06.968Z
Updated: 2026-03-10T20:12:39.344Z
Rationale: Imported from gcve-enriched-dumps CVE data
CVE-2026-29176 (vulnerable; submitted 2026-06-08 07:55:16.178831)
Title: Craft Commerce has Stored XSS in Inventory Location Name
Description: Craft Commerce is an ecommerce platform for Craft CMS. Prior to 5.5.3, a stored XSS vulnerability exists in the Commerce Settings - Inventory Locations page. The Name field is rendered without proper HTML escaping, allowing an attacker to execute arbitrary JavaScript. This XSS triggers when an administrator (or a user with product editing permissions) creates or edits a variant product. This vulnerability is fixed in 5.5.3.
Published: 2026-03-10T19:59:48.366Z
Updated: 2026-03-10T20:12:39.491Z
Rationale: Imported from gcve-enriched-dumps CVE data
CVE-2026-29175 (vulnerable; submitted 2026-06-08 07:55:16.178434)
Title: Multiple Stored XSS in Commerce Inventory Page Leading to Session Hijacking
Description: Craft Commerce is an ecommerce platform for Craft CMS. Prior to 5.5.3, stored XSS vulnerabilities exist in the Commerce Inventory page. The Product Title, Variant Title, and Variant SKU fields are rendered without proper HTML escaping, allowing an attacker to execute arbitrary JavaScript when any user (including administrators) views the inventory management page. This vulnerability is fixed in 5.5.3.
Published: 2026-03-10T19:57:36.799Z
Updated: 2026-03-11T14:11:09.100Z
Rationale: Imported from gcve-enriched-dumps CVE data
CVE-2026-29174 (vulnerable; submitted 2026-06-08 07:55:16.177914)
Title: Craft Commerce has a SQL Injection in Commerce Inventory Table Sorting
Description: Craft Commerce is an ecommerce platform for Craft CMS. Prior to 5.5.3, Craft Commerce is vulnerable to SQL Injection in the inventory levels table data endpoint. The sort[0][direction] and sort[0][sortField] parameters are concatenated directly into an addOrderBy() clause without any validation or sanitization. An authenticated attacker with access to the Commerce Inventory section can inject arbitrary SQL queries, potentially leading to a full database compromise. This vulnerability is fixed in 5.5.3.
Published: 2026-03-10T19:55:54.645Z
Updated: 2026-03-10T20:12:39.918Z
Rationale: Imported from gcve-enriched-dumps CVE data
The following entries are listed as vulnerable; their db.gcve.eu details were skipped to keep the page responsive, and each carries the rationale "Imported from gcve-enriched-dumps CVE data".

CVE-2026-29173 (vulnerable; submitted 2026-06-08 07:55:16.177485)
CVE-2026-29172 (vulnerable; submitted 2026-06-08 07:55:16.176939)
CVE-2026-25522 (vulnerable; submitted 2026-06-08 07:53:19.931799)
CVE-2026-25490 (vulnerable; submitted 2026-06-08 07:53:19.871945)
CVE-2026-25489 (vulnerable; submitted 2026-06-08 07:53:19.866547)
CVE-2026-25488 (vulnerable; submitted 2026-06-08 07:53:19.865988)
CVE-2026-25487 (vulnerable; submitted 2026-06-08 07:53:19.865527)
CVE-2026-25486 (vulnerable; submitted 2026-06-08 07:53:19.865078)
CVE-2026-25485 (vulnerable; submitted 2026-06-08 07:53:19.864723)
CVE-2026-25484 (vulnerable; submitted 2026-06-08 07:53:19.864125)
CVE-2026-25483 (vulnerable; submitted 2026-06-08 07:53:19.863530)
CVE-2026-25482 (vulnerable; submitted 2026-06-08 07:53:19.861109)
