MidnightBSD

Advisories for wpeasycart

CVE-2014-9308 MEDIUM

Unrestricted file upload vulnerability in inc/amfphp/administration/banneruploaderscript.php in the WP EasyCart (aka WordPress Shopping Cart) plugin before 3.0.9 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in products/banners/.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wpeasycart wp_easycart *
CVE-2015-2673 MEDIUM

The ec_ajax_update_option and ec_ajax_clear_all_taxrates functions in inc/admin/admin_ajax_functions.php in the WP EasyCart plugin 1.1.30 through 3.0.20 for WordPress allow remote attackers to gain administrator privileges and execute arbitrary code via the option_name and option_value parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wpeasycart wp_easycart 2.1.3
wpeasycart wp_easycart 1.1.31
wpeasycart wp_easycart 3.0.18
wpeasycart wp_easycart 3.0.2
wpeasycart wp_easycart 2.1.7
wpeasycart wp_easycart 1.2.12
wpeasycart wp_easycart 3.0.6
wpeasycart wp_easycart 2.1.4
wpeasycart wp_easycart 1.1.33
wpeasycart wp_easycart 1.2.7
wpeasycart wp_easycart 2.0.10
wpeasycart wp_easycart 1.1.30
wpeasycart wp_easycart 2.0.3
wpeasycart wp_easycart 2.1.14
wpeasycart wp_easycart 2.0.7
wpeasycart wp_easycart 2.1.28
wpeasycart wp_easycart 2.0.20
wpeasycart wp_easycart 3.0.14
wpeasycart wp_easycart 2.0.4
wpeasycart wp_easycart 1.1.35
wpeasycart wp_easycart 3.0.3
wpeasycart wp_easycart 2.0.22
wpeasycart wp_easycart 2.1.32
wpeasycart wp_easycart 2.1.36
wpeasycart wp_easycart 1.2.11
wpeasycart wp_easycart 3.0.20
wpeasycart wp_easycart 1.2.16
wpeasycart wp_easycart 2.0.11
wpeasycart wp_easycart 1.1.34
wpeasycart wp_easycart 2.1.30
wpeasycart wp_easycart 2.0.21
wpeasycart wp_easycart 1.2.9
wpeasycart wp_easycart 2.0.1@824267
wpeasycart wp_easycart 2.0.5
wpeasycart wp_easycart 1.2.1
wpeasycart wp_easycart 2.0.19
wpeasycart wp_easycart 2.1.15
wpeasycart wp_easycart 2.0.18
wpeasycart wp_easycart 3.0.12
wpeasycart wp_easycart 2.0.9
wpeasycart wp_easycart 3.0.5
wpeasycart wp_easycart 2.1.10
wpeasycart wp_easycart 2.1.2
wpeasycart wp_easycart 2.1.19
wpeasycart wp_easycart 2.0.17
wpeasycart wp_easycart 2.1.21
wpeasycart wp_easycart 2.1.26
wpeasycart wp_easycart 2.1.34
wpeasycart wp_easycart 3.0.9
wpeasycart wp_easycart 2.1.13
wpeasycart wp_easycart 2.1.17
wpeasycart wp_easycart 3.0.0
wpeasycart wp_easycart 1.2.10
wpeasycart wp_easycart 1.2.14
wpeasycart wp_easycart 2.1.25
wpeasycart wp_easycart 3.0.15
wpeasycart wp_easycart 2.1.27
wpeasycart wp_easycart 3.0.19
wpeasycart wp_easycart 1.2.5
wpeasycart wp_easycart 3.0.4
wpeasycart wp_easycart 3.0.13
wpeasycart wp_easycart 3.0.17
wpeasycart wp_easycart 1.2.2
wpeasycart wp_easycart 2.1.35
wpeasycart wp_easycart 2.1.9
wpeasycart wp_easycart 2.1.6
wpeasycart wp_easycart 2.1.31
wpeasycart wp_easycart 2.1.12
wpeasycart wp_easycart 2.1.8
wpeasycart wp_easycart 2.1.23
wpeasycart wp_easycart 2.1.33
wpeasycart wp_easycart 1.1.36
wpeasycart wp_easycart 2.1.29
wpeasycart wp_easycart 3.0.7
wpeasycart wp_easycart 2.1.5
wpeasycart wp_easycart 1.2.13
wpeasycart wp_easycart 1.2.4
wpeasycart wp_easycart 2.1.16
wpeasycart wp_easycart 2.0.14
wpeasycart wp_easycart 2.1.1
wpeasycart wp_easycart 1.2.15
wpeasycart wp_easycart 2.0.16
wpeasycart wp_easycart 2.0.6
wpeasycart wp_easycart 2.0.8
wpeasycart wp_easycart 2.0.1
wpeasycart wp_easycart 2.1.20
wpeasycart wp_easycart 1.2.6
wpeasycart wp_easycart 3.0.11
wpeasycart wp_easycart 2.0.15
wpeasycart wp_easycart 1.1.32
wpeasycart wp_easycart 3.0.16
wpeasycart wp_easycart 3.0.1
wpeasycart wp_easycart 3.0.10
wpeasycart wp_easycart 1.2.8
wpeasycart wp_easycart 2.0.2
wpeasycart wp_easycart 3.0.8
wpeasycart wp_easycart 1.2.0
wpeasycart wp_easycart 1.2.3
wpeasycart wp_easycart 2.1.11
wpeasycart wp_easycart 2.1.18
wpeasycart wp_easycart 2.0.12
wpeasycart wp_easycart 2.1.22
wpeasycart wp_easycart 2.1.0
wpeasycart wp_easycart 2.0.13
wpeasycart wp_easycart 2.1.24
CVE-2021-34645 MEDIUM

The Shopping Cart & eCommerce Store WordPress plugin is vulnerable to Cross-Site Request Forgery via the save_currency_settings function found in the ~/admin/inc/wp_easycart_admin_initial_setup.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 5.1.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,CWE-352,

Products Affected

Vendor Product Version
wpeasycart shopping_cart_&_ecommerce_store *
CVE-2023-1124

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
wpeasycart wp_easycart *
CVE-2023-2891

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_delete_product function. This makes it possible for unauthenticated attackers to delete products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
wpeasycart wp_easycart *
CVE-2023-2892

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_bulk_delete_product function. This makes it possible for unauthenticated attackers to bulk delete products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

Products Affected

Vendor Product Version
wpeasycart wp_easycart *
CVE-2023-2893

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_deactivate_product function. This makes it possible for unauthenticated attackers to deactivate products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
wpeasycart wp_easycart *
CVE-2023-2894

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_bulk_deactivate_product function. This makes it possible for unauthenticated attackers to bulk deactivate products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
wpeasycart wp_easycart *
CVE-2023-2895

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_bulk_activate_product function. This makes it possible for unauthenticated attackers to bulk activate products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
wpeasycart wp_easycart *
CVE-2023-2896

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_duplicate_product function. This makes it possible for unauthenticated attackers to duplicate products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
wpeasycart wp_easycart *
CVE-2023-3023

The WP EasyCart plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in versions up to, and including, 5.4.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level or above permissions, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
wpeasycart wp_easycart *