Lucene search
PRIOn knowledge basePRION:CVE-2024-1294HistoryFeb 29, 2024 - 1:43 a.m.
Design/Logic Flaw
2024-02-2901:43:00
PRIOn knowledge base
www.prio-n.com
11
sunshine photo cart
client galleries
wordpress
vulnerable
information exposure
unauthenticated attackers
sensitive data
customer email
physical addresses
nvd
The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.24 via the ‘invoice’. This makes it possible for unauthenticated attackers to extract sensitive data including customer email and physical addresses.
References
plugins.trac.wordpress.org/browser/sunshine-photo-cart/tags/3.0.24/includes/admin/sunshine-order.php
plugins.trac.wordpress.org/changeset/3033429/sunshine-photo-cart/trunk/includes/admin/sunshine-order.php
www.wordfence.com/threat-intel/vulnerabilities/id/da76d034-3e9a-4f3f-a314-48e776028369?source=cve
Related
nvd
nvd
CVE-2024-1294
2024-02-29 01:43:47
cvelist
cvelist
CVE-2024-1294
2024-02-20 18:56:48
cve
cve
CVE-2024-1294
2024-02-29 01:43:47
wpvulndb
wpvulndb
wordfence
wordfence