WordPress Shopping Cart Plugin Multiple Vulnerabilities

Summary
This host is installed with WordPress Shopping Cart Plugin and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to gain sensitive information or to upload arbitrary PHP code and run it in the context of the Web server process. Impact Level: Application
Solution
Upgrade to the WordPress Shopping Cart Plugin 8.1.15 or later, For updates refer to http://wordpress.org/extend/plugins/levelfourstorefront/
Insight
Input passed via the 'reqID' parameter to backup.php, dbuploaderscript.php, exportsubscribers.php , emailimageuploaderscript.php and productuploaderscript.php is not properly sanitised which allows to execute SQL commands or upload files with arbitrary extensions to a folder inside the webroot.
Affected
WordPress Shopping Cart plugin version 8.1.14
References