Description
WordPress Plugin Shopping Cart & eCommerce Store is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently update any WordPress options. WordPress Plugin Shopping Cart & eCommerce Store version 3.0.20 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.0.22 or latest
References
Related Vulnerabilities
WordPress Plugin Link Library Cross-Site Scripting (5.9.12.29)
WordPress Plugin Image Optimizer, Resizer and CDN-Sirv Arbitrary File Upload (7.2.6)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0018)
WordPress Plugin Advanced Contact form 7 DB Arbitrary File Upload (1.4.4)