WordPress WP e-Commerce Plugin Multiple Security Vulnerabilities

ID EDB-ID:39063
Type exploitdb
Reporter KedAns-Dz
Modified 2014-01-24T00:00:00


WordPress WP e-Commerce Plugin Multiple Security Vulnerabilities. Webapps exploit for php platform

                                            source: http://www.securityfocus.com/bid/65130/info

The WP e-Commerce plugin for WordPress is prone to multiple security vulnerabilities, including:

1. Multiple remote code-execution vulnerabilities.
2. A local file-include vulnerability
3. An arbitrary file-upload vulnerability

An attacker can exploit these issues to execute arbitrary code, include arbitrary local files, upload arbitrary files to the affected computer that may result in arbitrary code execution within the context of the vulnerable application.

WP e-Commerce is vulnerable; other versions may also be affected. 

Local file-include

Remote code-execution