ThreatPress

WordPress Vulnerabilities Database

Back

WordPress e-Commerce Plugin <= 3.8.7.5 - SQL Injection

Product
E-commerce
Description
Because of this vulnerability, the attackers can execute arbitrary SQL commands via unspecified vectors.
Solution
Update the plugin.
Classification
Type SQL Injection
OWASP Top 10 A1: Injection
References
CVE Mitre
CVE
Name CVE-2012-5310
Versions
Affected In <= 3.8.7.5
Fixed In 3.8.7.6
Disclosure date
2012-10-08