cleantalk
Vulnerabilities and Security Researches

Sunshine Photo Cart: Free Client Galleries for Photographers, CVE-2024-1294

CVE, Research URL

CVE-2024-1294

Home page URL

Security reports for Sunshine Photo Cart: Free Client Galleries for Photographers

Application

Sunshine Photo Cart: Free Client Galleries for Photographers

Published on
Feb 29, 2024
Research Description
The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.24 via the 'invoice'. This makes it possible for unauthenticated attackers to extract sensitive data including customer email and physical addresses.
Affected versions
Min -, max 3.1.
Status
vulnerable
Previous vulnerability researches
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2024-44038) , Sep 28, 2024
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2024-43971) , Sep 01, 2024
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2022-45826) , Jun 10, 2024
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2025-5482) , Jun 13, 2025
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2021-4342) , Jun 06, 2024
New vulnerability
All-in-One Addons for Elementor – WidgetKit (CVE-2025-49074) , Jun 15, 2025
ElementInvader Addons for Elementor (CVE-2025-48288) , Jun 15, 2025
Falang multilanguage for WordPress (CVE-2025-48285) , Jun 15, 2025
Social Sharing Plugin – Sassy Social Share (CVE-2025-5528) , Jun 15, 2025
PSW – Login and registration (CVE-2025-4607) , Jun 15, 2025