Description
WordPress Plugin Shopping Cart & eCommerce Store is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently update any WordPress options. WordPress Plugin Shopping Cart & eCommerce Store version 3.0.20 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.0.22 or latest
References
Related Vulnerabilities
WordPress Plugin Bulk Datetime Change Security Bypass (1.11)
Drupal Core 8.0.x Multiple Vulnerabilities (8.0.0 - 8.0.3)
WordPress Plugin leenk.me Multiple Vulnerabilities (2.5.0)
OpenVPN AS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-2692)
PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10210)