WP eCommerce <= 3.11.3 - SQL Injection in sessionidSign up to our free email alerts service for instant vulnerability notifications!
From vendor: "This vulnerability only affects users who use eWay as their payment gateway, have Gold Cart activated, and are using the as-of-yet-unreleased Theme Engine 2.0. We believe the number of users affected is likely close to zero, due to these conditions – but still, we highly recommend updating."
fixed in version 3.11.4
|OWASP Top 10||A1: Injection|
|Publicly Published||2016-11-12 (about 1 year ago)|
|Added||2016-11-15 (about 1 year ago)|
|Last Updated||2016-11-15 (about 1 year ago)|
Copyright & License
|Copyright||All data and resources contained within this page and this web site is Copyright © The WPScan Team.|
|License||Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.|