Description
WordPress Plugin Shopping Cart & eCommerce Store is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently update any WordPress options. WordPress Plugin Shopping Cart & eCommerce Store version 3.0.20 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.0.22 or latest
References
Related Vulnerabilities
WordPress Plugin Multi Feed Reader SQL Injection (2.2.3)
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020)
MySQL Cleartext Transmission of Sensitive Information Vulnerability (CVE-2017-3305)
WordPress Plugin YouTube Embed Cross-Site Scripting (5.2.1)
WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Request Forgery (3.0.17)