MStore API
FluxBuilder
Developer
4.18.4
Latest version
3,000
Installations
No date
Last updated
Vulnerability history
0 present
24 patched
15 Mitigation rules
- Missing Authorization to Authenticated (Subscriber+) Posts Creation vulnerability<= 4.17.527/05/2025
- Unauthenticated Limited Privilege Escalation vulnerability<= 4.17.401/05/2025
- Authenticated (Subscriber+) HTML File Upload (Stored Cross-Site Scripting) vulnerability<= 4.16.412/12/2024
- Authenticated (Subscriber+) SQL Injection vulnerability<= 4.15.719/11/2024
- Unauthorized User Registration vulnerability<= 4.15.313/09/2024
- Authenticated (Subscriber+) Limited Arbitrary File Upload vulnerability<= 4.15.313/09/2024
- Authentication Bypass to Account Takeover vulnerability<= 4.15.215/08/2024
- Authentication Bypass vulnerability<= 4.14.712/07/2024
- Cross Site Request Forgery (CSRF) vulnerability<= 4.10.126/12/2023
- Unauthorized Account Access and Privilege Escalation vulnerability<= 4.10.706/11/2023
- SQL Injection vulnerability<= 4.0.603/10/2023
- Unauth. SQL Injection (SQLi) vulnerability<= 4.0.126/06/2023
- SQL Injection<= 3.9.719/06/2023
- Cross-Site Request Forgery to Product Limit Update vulnerability<= 3.9.614/06/2023
- Cross-Site Request Forgery to Order Message Update vulnerability<= 3.9.614/06/2023
- Cross-Site Request Forgery to Order Title Update vulnerability<= 3.9.614/06/2023
- Cross-Site Request Forgery to Order Title Update vulnerability<= 3.9.614/06/2023
- Cross-Site Request Forgery to Order Status Update vulnerability<= 3.9.614/06/2023
- Cross-Site Request Forgery to Firebase Server Key Update vulnerability<= 3.9.614/06/2023
- Missing Authorization vulnerability< 3.9.613/06/2023
- Authentication Bypass vulnerability<= 3.9.125/05/2023
- Authentication Bypass vulnerability<= 3.9.225/05/2023
- Bypass vulnerability in Apple login authentication method<= 3.1.902/02/2021
- Unauthenticated Account Create/Edit vulnerability<= 2.1.511/03/2020