Description

WordPress Plugin ShareYourCart is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin ShareYourCart version 1.6.1 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.7.1 or latest

References

http://secunia.com/advisories/48960/

http://www.securityfocus.com/bid/53241/

Related Vulnerabilities

WordPress Plugin Comment Extra Fields Multiple Cross-Site Scripting Vulnerabilities (1.7)

WordPress Plugin Digital River Global Commerce Supply Chain Attack [Polyfill.io] (2.0.2)

OpenSSL Key Management Errors Vulnerability (CVE-2016-7055)

WordPress Plugin Product Filter for WooCommerce Security Bypass (8.1.1)

PHP Other Vulnerability (CVE-2005-3388)

Severity

High

Classification

CVE-2012-4332 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Information Disclosure