CVE-2015-2673 in WP EasyCart Plugininfo

Summary

The ec_ajax_update_option and ec_ajax_clear_all_taxrates functions in inc/admin/admin_ajax_functions.php in the WP EasyCart plugin 1.1.30 through 3.0.20 for Wordpress allows remote attackers to gain administrator privileges and execute arbitrary code via the option_name and option_value parameters.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

03/23/2015

Disclosure

10/06/2017

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-264

Exploit

Download

CVSS

7.5

EPSS

0.63767

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-2673
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-2673
CVE Details	https://www.cvedetails.com/cve/CVE-2015-2673/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!