cleantalk
Vulnerabilities and Security Researches

Sunshine Photo Cart: Free Client Galleries for Photographers, CVE-2022-4301

CVE, Research URL

CVE-2022-4301

Home page URL

Security reports for Sunshine Photo Cart: Free Client Galleries for Photographers

Application

Sunshine Photo Cart: Free Client Galleries for Photographers

Published on
Jan 10, 2023
Research Description
The Sunshine Photo Cart WordPress plugin before 2.9.15 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.
Affected versions
max 2.8.29.
Status
vulnerable
Previous vulnerability researches
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2024-44038) , Sep 28, 2024
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2024-43971) , Sep 01, 2024
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2022-45826) , Jun 10, 2024
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2025-5482) , Jun 13, 2025
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2021-4342) , Jun 06, 2024
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs – Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025