CVE-2024-32452 MEDIUM

CVE-2024-32452: WordPress Shopping Cart & eCommerce Store plugin <= 5.5.19 - Cross Site Request Forgery (CSRF) vulnerability

Vendor Wp Easycart
Product WP EasyCart
Weakness CWE-352 · CSRF
Published April 15, 2024
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) vulnerability in WP EasyCart.This issue affects WP EasyCart: from n/a through 5.5.19.

Key dates

02Disclosure timeline

April 15, 2024 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2018-15438 Cisco Prime Collaboration Assurance Cross-Site Request Forgery Vulnerability CVE-2025-23446 WordPress WP SpaceContent plugin <= 0.4.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability CVE-2025-6478 CodeAstro Expense Management System cross-site request forgery CVE-2024-0515 Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via remove_from_compare CVE-2023-5383 Funnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post Duplication