Description
WordPress Plugin WP e-Commerce Shop Styling is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP e-Commerce Shop Styling version 2.9.1 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin SpiderCatalog SQL Injection (1.7.3)
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-30152)
WordPress Plugin Zingiri Web Shop Cookie Multiple SQL Injection Vulnerabilities (2.4.7)
MySQL CVE-2022-21478 Vulnerability (CVE-2022-21478)
WordPress Plugin Easy Registration Forms Cross-Site Scripting (2.1.1)