3 matches found
WordPress WP EasyCart Plugin < 5.4.3 is vulnerable to Local File Inclusion
Software WP EasyCart Type Plugin Vulnerable versions 5.4.3 Fixed in 5.4.3 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-1124 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID e0487c7e1bcd Credits Shreya Pohekar Required privilege Administrator...
CVE-2023-1124
CVE-2023-1124 affects the Shopping Cart & eCommerce Store WordPress plugin (versions before 5.4.3). The vulnerability arises from not validating HTTP requests, allowing authenticated administrators to perform Local File Inclusion (LFI) attacks. Impact is high for confidentiality, integrity, and a...
CVE-2023-1124 Shopping Cart & eCommerce Store < 5.4.3 - Admin+ LFI
The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks...