RSS   Vulnerabilities for 'Wp easycart'   RSS

2017-10-06
 
CVE-2015-2673

 

 
The ec_ajax_update_option and ec_ajax_clear_all_taxrates functions in inc/admin/admin_ajax_functions.php in the WP EasyCart plugin 1.1.30 through 3.0.20 for WordPress allow remote attackers to gain administrator privileges and execute arbitrary code via the option_name and option_value parameters.

 
2015-01-15
 
CVE-2014-9308

CWE-Other
 

 
Unrestricted file upload vulnerability in inc/amfphp/administration/banneruploaderscript.php in the WP EasyCart (aka WordPress Shopping Cart) plugin before 3.0.9 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in products/banners/.

 

 >>> Vendor: Wpeasycart 2 Products
Wp easycart
Shopping cart \& ecommerce store


Copyright 2024, cxsecurity.com

 

Back to Top