Ecwid Ecommerce Shopping Cart Vulnerabilities
The Ecwid Ecommerce Shopping Cart WordPress plugin has 3 known security vulnerabilities, including 1 critical. The most recent was disclosed on November 7, 2023. Check whether your site runs an affected version below.
View Ecwid Ecommerce Shopping Cart on WordPress.orgSummary
Latest vulnerability disclosed on November 7, 2023.
Recommendation
WPSentry recommends extreme caution
Only run Ecwid Ecommerce Shopping Cart if it is updated to the latest patched release. This plugin has a history of 1 critical, potentially exploitable vulnerability. If you already use it, update immediately — or consider a safer alternative.
Is your site affected?
Run a free external scan to detect Ecwid Ecommerce Shopping Cart and 35+ other WordPress security checks — no login or plugin required.
Known Ecwid Ecommerce Shopping Cart vulnerabilities
- medium
Ecwid Ecommerce Shopping Cart <= 6.12.3 - Missing Authorization on multiple functions
Affected versions: <=6.12.3Disclosed November 7, 2023 - medium
Ecwid Ecommerce Shopping Cart <= 6.10.22 - Insufficient Access Control on Multiple AJAX Actions
Affected versions: <=6.10.22Disclosed July 9, 2022 - critical
Ecwid Ecommerce Shopping Cart <= 4.4.3 - Unauthenticated PHP Object injection
Affected versions: <=4.4.3Disclosed August 8, 2016
How to stay protected
Update promptly
Keep Ecwid Ecommerce Shopping Cart on its latest release — most vulnerabilities are fixed in newer versions.
Scan regularly
Run an external scan after every update to catch outdated or vulnerable software early.
Monitor continuously
Enable monitoring to get alerted the moment a new issue affects your stack.