sylius

Top products

The 15 most recently published vulnerabilities affecting sylius.

• CVE-2026-31825Sylius has a DQL Injection via API Order Filters5.3Mar 10, 2026
• CVE-2026-31824Sylius has a Promotion Usage Limit Bypass via Race Condition8.2Mar 10, 2026
• CVE-2026-31823Sylius has Authenticated Stored XSS4.8Mar 10, 2026
• CVE-2026-31822Sylius has a XSS vulnerability in checkout login form6.1Mar 10, 2026
• CVE-2026-31821Sylius is Missing Authorization in API v2 Add Item Endpoint5.3Mar 10, 2026
• CVE-2026-31820Sylius affected by IDOR in Cart and Checkout LiveComponents6.5Mar 10, 2026
• CVE-2026-31819Sylius has an Open Redirect via Referer Header6.1Mar 10, 2026
• CVE-2025-30152Sylius PayPal Plugin has an Order Manipulation Vulnerability after PayPal Checkout6.5Mar 19, 2025
• CVE-2025-29788Sylius PayPal Plugin Payment Amount Manipulation Vulnerability6.5Mar 17, 2025
• CVE-2024-57610A rate limiting issue in Sylius v2.0.2 allows a remote attacker to perform unrestricted brute-force attacks on user accounts, significantly increasing the risk of account compromise and denial of s...7.5Feb 6, 2025
• CVE-2021-3841Stored Cross-site Scripting (XSS) in sylius/sylius5.4Nov 15, 2024
• CVE-2024-40633Customer data leak via adjustments API endpoint in Sylius5.3Jul 17, 2024
• CVE-2024-34349Sylius potentially vulnerable to Cross Site Scripting via "Name" field (Taxons, Products, Options, Variants) in Admin Panel4.8May 10, 2024
• CVE-2024-29376Sylius 1.12.13 is vulnerable to Cross Site Scripting (XSS) via the "Province" field in Address Book.6.4Apr 22, 2024
• CVE-2022-24752SQL Injection through sorting parameters in SyliusGridBundle9.8Mar 15, 2022