Ecwid Shopping Cart

CrossSite Request Forgery to Send Deactivation Message vulnerability <= 6.12.27

Authenticated(Contributor+) Stored CrossSite Scripting via Shortcode vulnerability <= 6.12.10

Cross Site Request Forgery (CSRF) vulnerability <= 6.12.4

Missing Authorization on multiple functions vulnerability <= 6.12.3

Cross Site Scripting (XSS) vulnerability <= 6.11.4