ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP e-Commerce Plugin - Multiple Security Vulnerabilities

Product
E-commerce
Description
WP e-Commerce plugin is prone to multiple security vulnerabilities, such as a local file include, arbitrary file upload and multiple remote code execution vulnerabilities. An attacker can upload arbitrary files to the affected computer that may result in arbitrary code execution within the context of the vulnerable application. Other attacks are also possible.
Solution
Upgrade the plugin.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0
Fixed In 1.1
Disclosure date
2014-01-24
Credits
KedAns-Dz