Description

WordPress Plugin WP e-Commerce Shop Styling is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin WP e-Commerce Shop Styling version 2.5 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.6 or latest

References

http://www.vapidlabs.com/advisory.php?v=136

https://www.exploit-db.com/exploits/37530/

http://seclists.org/oss-sec/2015/q3/48

http://www.openwall.com/lists/oss-security/2015/07/06/19

https://packetstormsecurity.com/files/132594/WordPress-WP-Ecommerce-Shop-Styling-2.5-File-Download.html

http://www.openwall.com/lists/oss-security/2015/07/10/4

Related Vulnerabilities

WordPress Plugin Visitors Cross-Site Scripting (0.3)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Scripting (2.9.8)

WordPress Plugin Autopilot SEO for WooCommerce Security Bypass (1.5.1)

WordPress Plugin YITH WooCommerce Compare Security Bypass (2.3.13)

WordPress Plugin Nested Pages Multiple Vulnerabilities (3.1.15)

Severity

High

Classification

CVE-2015-5468 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Information Disclosure