CVE Vulnerability
CVE-2021-34645
The Shopping Cart & eCommerce Store WordPress plugin is vulnerable to Cross-Site Request Forgery via the save_currency_settings function found in the ~/admin/inc/wp_easycart_admin_initial_setup.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 5.1.0.
References
| Link | Resource |
|---|---|
| https://plugins.trac.wordpress.org/browser/wp-easycart/trunk/admin/inc/wp_easycart_admin_initial_setup.php?rev=2463792#L240 | Patch Third Party Advisory |
| https://wordfence.com/vulnerability-advisories/#CVE-2021-34645 | Third Party Advisory |
Configurations
Configuration 1
|
Information
Published : 2021-08-19 04:15
Updated : 2021-08-26 02:17
NVD link : CVE-2021-34645
Mitre link : CVE-2021-34645
Products Affected
No products.
CWE