Description
WordPress Plugin WP e-Commerce-Store Toolkit is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin WP e-Commerce-Store Toolkit version 2.0.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.0.2 or latest
References
http://www.pritect.net/blog/visser-labs-wordpress-plugins-multiple-vulnerabilities
https://wordpress.org/plugins/wp-e-commerce-store-toolkit/changelog/
Related Vulnerabilities
Apache Tomcat version older than 6.0.16
WordPress Plugin Media File Manager Advanced Multiple Vulnerabilities (1.1.5)
WordPress Plugin Login or Logout Menu Item Security Bypass (1.1.1)
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9)
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.24)