CVE-2013-0724

Currently unrated

Key Information:

Vendor
Wordpress
Status
WP-ecommerce-shop-styling
Vendor
CVE Published:
27 May 2014

Summary

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before 1.8 allows remote attackers to execute arbitrary PHP code via a URL in the dompdf parameter.

References

http://www.securityfocus.com/bid/57768
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/81931
vdb-entryx_refsource_XF
http://wordpress.org/plugins/wp-ecommerce-shop-styling/ch...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.