Description

WordPress Plugin Shopping Cart is prone to multiple SQL injection vulnerabilities and an arbitrary file upload vulnerability because it fails to sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Shopping Cart version 8.1.14 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 8.1.15 or latest

References

http://www.securityfocus.com/bid/57101/exploit

http://www.opensyscom.fr/Actualites/wordpress-plugins-wordpress-shopping-cart-multiple-vulnerability.html

http://packetstormsecurity.com/files/119217/WordPress-Shopping-Cart-8.1.14-Shell-Upload-SQL-Injection.html

http://secunia.com/advisories/51690/

Related Vulnerabilities

WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.4.6)

MySQL CVE-2019-2539 Vulnerability (CVE-2019-2539)

WordPress Plugin Booster for WooCommerce Multiple Vulnerabilities (5.6.6)

MySQL CVE-2019-2420 Vulnerability (CVE-2019-2420)

Wordpress Plugin Backup Migration CVE-2023-6271 Vulnerability (CVE-2023-6271)

Severity

High

Classification

CWE-89 CWE-434 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update SQL Injection Unauthenticated File Upload