Description
WordPress Plugin Shopping Cart & eCommerce Store is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently update any WordPress options. WordPress Plugin Shopping Cart & eCommerce Store version 3.0.20 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.0.22 or latest
References
Related Vulnerabilities
UAParser.js Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25927)
Oracle HTTP Server Other Vulnerability (CVE-2020-35166)
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.5.3)
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)
WordPress Plugin WP Visitor Statistics (Real Time Traffic) Cross-Site Scripting (6.4)