WP eCommerce <= 3.8.14.3 - Authorisation Bypass

Affects Plugin

fixed in version 3.8.14.4

References

URL https://blog.sucuri.net/2014/10/security-advisory-medium-severity-wp-ecommerce-wordpress-plugin.html
URL https://github.com/wp-e-commerce/WP-e-Commerce/commit/390c2ecc68027fbf21fb5d99a556d88c7bd8c05b

Classification

Type AUTHBYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
CWE CWE-287

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 4444
Verified No
WPVDB ID 7653

Timeline

Publicly Published 2014-11-01 (over 5 years ago)
Added 2014-11-01 (over 5 years ago)
Last Updated 2019-10-21 (9 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin