WordPress Plugin Vulnerabilities

FireStorm Shopping Cart eCommerce Plugin 2.07.02 - Authenticated SQL Injection

Description

$_POST[ ‘pid’ ] is not escaped. Url is accessible for administrator user.

Url with problem: http://localhost:1406/wp/wp-admin/admin.php?page=fssc-products&fp=general&f=edit&cid=0&pid=0

Proof of Concept

Affects Plugins

Plugin icon
fs-shopping-cart
No known fix

References

CVE
CVE-2016-10951
URL
https://lenonleite.com.br/en/2016/11/10/firestorm-shopping-cart-ecommerce-plugin-2-07-02-for-wordpress/

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
7.2 (high)

Miscellaneous

Submitter
Lenon Leite
Submitter website
http://lenonleite.com.br/
Submitter twitter
lenonleite
Verified
No
WPVDB ID
5a2fcec6-6a2c-4bd6-a3e7-c1ae9741fb23

Timeline

Publicly Published
2016-11-10 (about 9 years ago)
Added
2016-11-21 (about 9 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2026-01-20
Title
Directorist Booking <= 2.4.1 - Unauthenticated SQL Injection
Published
2015-07-19
Title
WR ContactForm <= 1.1.9 - Authenticated SQL Injection
Published
2021-10-11
Title
WPSchoolPress < 2.1.10 - Multiple Authenticated SQL Injections
Published
2021-10-18
Title
Email Log < 2.4.7 - Admin+ SQL Injection
Published
2024-10-21
Title
WP Sessions Time Monitoring Full Automatic < 1.1.0 - Unauthenticated SQL Injection