2 matches found
CVE-2012-5310
The CVE-2012-5310 entry concerns the WP e-Commerce WordPress plugin, specifically versions before 3.8.7.6. Multiple sources confirm an SQL Injection vulnerability in this plugin, allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected component is the WP e-Co...
CVE-2011-5104
CVE-2011-5104 affects the WP e-Commerce plugin (WordPress) in the file wpsc-admin/display-sales-logs.php with a vulnerability in the custom_text parameter, allowing remote attackers to inject arbitrary script/HTML (XSS). The issue is observed in WP e-Commerce 3.8.7.1 and possibly earlier. Remedia...