Description
The WordPress plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution is prone to an arbitrary file download vulnerability because the application fails to sufficiently verify user-supplied input. An attacker may use this to gain access to sensitive information, which may aid in launching further attacks. Version 2.4.0 of the plugin is vulnerable; prior versions may also be affected.
Remediation
Update the plugin to version 2.4.1 or the latest release.
References
http://security.szurek.pl/wp-marketplace-240-arbitrary-file-download.html
http://www.homelab.it/index.php/2015/03/24/wp-marketplace-rce/
http://www.exploit-db.com/exploits/36490/
http://packetstormsecurity.com/files/131018/WordPress-Marketplace-2.4.0-Arbitrary-File-Download.html
http://packetstormsecurity.com/files/131019/WordPress-Marketplace-2.4.0-Add-Administrator.html