WordPress Shopping Cart & eCommerce Store plugin <= 5.1.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) discovered by Xu-Liang Liao in WordPress Shopping Cart & eCommerce Store plugin (versions <= 5.1.0).

Solution

           Update the WordPress Shopping Cart & eCommerce Store plugin to the latest available version (at least 5.1.1).