MarketPress <= 3.2.6 - PHP Object InjectionSign up to our free email alerts service for instant vulnerability notifications!
The MarketPress plugin (installs to a directory named wordpress-ecommerce) versions 3.2.6 and prior are vulnerable to a PHP Object Injection attack from the cart cookie value stored in connection with this plugin.
|Proof of Concept||
fixed in version 3.2.7
|OWASP Top 10||A1: Injection|
|Publicly Published||2017-10-01 (4 months ago)|
|Added||2017-09-28 (4 months ago)|
|Last Updated||2017-09-28 (4 months ago)|
Copyright & License
|Copyright||All data and resources contained within this page and this web site is Copyright © The WPScan Team.|
|License||Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.|