Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)		magento/community-edition<2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2Composer4 Mar 2025
  • C
Improper Authorization		magento/community-edition<2.4.4-p12>=2.4.5-p1, <2.4.5-p11>=2.4.6-p1, <2.4.6-p9>=2.4.7-beta1, <2.4.7-p4>=2.4.8-beta1, <2.4.8-beta2Composer20 Feb 2025
  • M
Cross-site Scripting (XSS)		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Access Control Bypass		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Access Control Bypass		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Improper Input Validation		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Access Control Bypass		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Access Control Bypass		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Access Control Bypass		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Time-of-check Time-of-use (TOCTOU) Race Condition		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Improper Authorization		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Server-side Request Forgery (SSRF)		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Cross-site Scripting (XSS)		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Access Control Bypass		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Cross-site Scripting (XSS)		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • H
Improper Authorization		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Improper Authorization		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Information Exposure		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Access Control Bypass		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Access Control Bypass		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Incorrect Authorization		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Access Control Bypass		magento/community-edition<2.4.4-p11>=2.4.5-p1, <2.4.5-p10>=2.4.6-p1, <2.4.6-p8>=2.4.7-beta1, <2.4.7-p3Composer13 Oct 2024
  • M
Cross-Site Request Forgery (CSRF)		magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2Composer17 Sept 2024
  • M
Cross-Site Request Forgery (CSRF)		magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2Composer17 Sept 2024
  • M
Improper Authorization		magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2Composer17 Sept 2024
  • M
Cross-Site Request Forgery (CSRF)		magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2Composer17 Sept 2024
  • H
Path Traversal		magento/community-edition>=2.4.7-p1, <2.4.7-p2>=2.4.6-p1, <2.4.6-p7>=2.4.5-p1, <2.4.5-p9<2.4.4-p10Composer17 Sept 2024
  • M
Cross-site Scripting (XSS)		magento/community-edition<2.4.4-p9>=2.4.5-p1, <2.4.5-p8>=2.4.6-p1, <2.4.6-p6>=2.4.7-beta1, <2.4.7-p1Composer8 Aug 2024
  • M
Incorrect Authorization		magento/community-edition<2.4.4-p9>=2.4.5-p1, <2.4.5-p8>=2.4.6-p1, <2.4.6-p6>=2.4.7-beta1, <2.4.7-p1Composer8 Aug 2024
  • M
Improper Access Control		magento/community-edition<2.4.4-p9>=2.4.5-p1, <2.4.5-p8>=2.4.6-p1, <2.4.6-p6>=2.4.7-beta1, <2.4.7-p1Composer8 Aug 2024