Description
WordPress Plugin WP e-Commerce Shop Styling is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP e-Commerce Shop Styling version 2.9.1 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Tajer Arbitrary File Upload (1.0.5)
WordPress Plugin TablePress XML External Entity Injection (1.8)
WordPress Plugin 1 Flash Gallery 'upload.php' Arbitrary File Upload (1.5.7)
Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18)
WordPress Plugin WordPress Download Manager Multiple Security Bypass Vulnerabilities (2.6.92)