Description
WordPress Plugin Shopping Cart & eCommerce Store is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently update any WordPress options. WordPress Plugin Shopping Cart & eCommerce Store version 3.0.20 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.0.22 or latest
References
Related Vulnerabilities
WordPress Plugin Newsletter by Supsystic Cross-Site Scripting (1.1.7)
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22942)
WordPress Plugin zeList Directory Cross-Site Scripting (0.5.11.07)
WordPress Plugin BuddyPress Global Search Cross-Site Scripting (1.1.0)