SQL Injection Vulnerability in WP-OliveCart and WP-OliveCartPro
CVE-2016-4905
9.8CRITICAL
Summary
A security flaw exists in WP-OliveCart and WP-OliveCartPro, where an SQL injection vulnerability allows authenticated administrators to execute arbitrary SQL commands via unspecified methods. This could potentially compromise the integrity of the database and expose sensitive information. Users are advised to upgrade to the latest versions to mitigate this risk.
Affected Version(s)
WP-OliveCart versions prior to 3.1.3
WP-OliveCartPro versions prior to 3.1.8
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved