Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allow remote attackers to inject arbitrary web script or HTML via the (1) billing_firstname, (2) billing_lastname, (3) billing_company, (4) billing_tax_id_number, (5) billing_city, (6) billing_street, (7) billing_street_2, (8) billing_postcode, (9) billing_telephone_1, (10) billing_telephone_2, (11) billing_fax, (12) shipping_firstname, (13) shipping_lastname, (14) shipping_company, (15) shipping_tax_id_number, (16) shipping_city, (17) shipping_street, (18) shipping_street_2, (19) shipping_postcode, (20) shipping_telephone_1, (21) shipping_telephone_2, or (22) shipping_fax parameter to shopping-cart/checkout/; the (23) search_by parameter in the admin/AddressesList.php page to wp-admin/admin.php; the (24) address_id, (25) address_name, (26) firstname, (27) lastname, (28) street, (29) city, (30) postcode, or (31) email parameter in the admin/AddressEdit.php page to wp-admin/admin.php; the (32) post_id or (33) rel_type parameter in the admin/AssignedCategoriesList.php page to wp-admin/admin.php; or the (34) post_type parameter in the admin/CustomFieldsList.php page to wp-admin/admin.php.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Thecartpress | Thecartpress Ecommerce Shopping Cart | <= 1.3.9 |
Related Weaknesses (CWE)
References
- http://osvdb.org/show/osvdb/121438
- http://osvdb.org/show/osvdb/121469
- http://osvdb.org/show/osvdb/121470
- http://osvdb.org/show/osvdb/121471
- http://osvdb.org/show/osvdb/121472
- http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-LocExploit
- http://www.securityfocus.com/archive/1/535396/100/0/threaded
- http://www.securityfocus.com/bid/74395
- https://wordpress.org/plugins/thecartpress/changelog/Patch
- https://www.exploit-db.com/exploits/36860/Exploit
- https://www.htbridge.com/advisory/HTB23254Exploit
- http://osvdb.org/show/osvdb/121438
- http://osvdb.org/show/osvdb/121469
- http://osvdb.org/show/osvdb/121470
- http://osvdb.org/show/osvdb/121471
FAQ
What is CVE-2015-3300?
CVE-2015-3300 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allow remote attac...
How severe is CVE-2015-3300?
CVE-2015-3300 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-3300?
Check the references section above for vendor advisories and patch information. Affected products include: Thecartpress Thecartpress Ecommerce Shopping Cart.