2 matches found
WordPress WordPress Simple PayPal Shopping Cart plugin <= 5.1.2 - Unauthenticated Information Exposure via file_url Parameter vulnerability
Unauthenticated Information Exposure via fileurl Parameter vulnerability discovered by Jack Taylor in WordPress Plugin Simple Shopping Cart versions = 5.1.2...
CVE-2025-3529 WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Information Exposure via file_url Parameter
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.1.2 via the 'fileurl' parameter. This makes it possible for unauthenticated attackers to view potentially sensitive information and download a digital...