Remote File Inclusion Vulnerability in WP eCommerce Shop Styling Plugin by WordPress
CVE-2013-0724

Currently unrated

Key Information:

Vendor

Wordpress
Status
WP-ecommerce-shop-styling
Vendor
CVE Published:
27 May 2014

What is CVE-2013-0724?

The WP eCommerce Shop Styling plugin for WordPress contains a PHP remote file inclusion vulnerability located in 'includes/generate-pdf.php'. This flaw allows malicious users to execute arbitrary PHP code by manipulating the 'dompdf' parameter, potentially leading to unauthorized access and control over affected systems. It is crucial for website administrators to upgrade to version 1.8 or higher to mitigate this risk and safeguard their platforms against exploitation and data breaches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/57768
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/81931
vdb-entryx_refsource_XF
http://wordpress.org/plugins/wp-ecommerce-shop-styling/ch...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.