Description
WordPress Plugin Shoppable Images is prone to multiple vulnerabilities, including PHP object injection and cross-site request forgery vulnerabilities. A successful exploit may allow an attacker to execute arbitrary PHP code within the context of the affected webserver process or to perform certain administrative actions; other attacks are also possible. WordPress Plugin Shoppable Images version 1.0.0 is vulnerable.
Remediation
Update to plugin version 1.0.1 or latest
References
Related Vulnerabilities
WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-11771)
WordPress Plugin Shopping Cart & eCommerce Store Unspecified Vulnerability (3.1.9)
MySQL CVE-2013-2381 Vulnerability (CVE-2013-2381)
WordPress Plugin Pressbooks Cross-Site Scripting (2.4.2)
WordPress Plugin AccessPress Social Counter Cross-Site Scripting (1.3.6)