The WordPress Eshop plugin 6.3.11 and earlier has a security flaw in its eshop_checkout function located in checkout.php. Attackers can exploit this flaw to inject malicious code into the website or reveal sensitive information. This is done by sending specially crafted variables in the “”eshopcart”” HTTP cookie.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
