Description
WordPress Plugin Jigoshop-Store Toolkit is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin Jigoshop-Store Toolkit version 1.3.8 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.9 or latest
References
http://www.pritect.net/blog/visser-labs-wordpress-plugins-multiple-vulnerabilities
https://wordpress.org/plugins/jigoshop-store-toolkit/changelog/
Related Vulnerabilities
WordPress Plugin Image Slider Unspecified Vulnerability (1.1.119)
WordPress Plugin Visual Form Builder Multiple Vulnerabilities (2.8.2)
WordPress Plugin Link Log-external link click monitor SQL Injection (2.0)
WordPress Plugin Author Stats Cross-Site Scripting (1.3)
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress PHAR Deserialization (3.7.9)