CVE-2015-2673 in WP EasyCart Plugin
摘要
由 VulDB • 2026-06-30
WP EasyCart插件(适用于WordPress)版本1.1.30至3.0.20中,inc/admin/admin_ajax_functions.php文件内的ec_ajax_update_option和ec_ajax_clear_all_taxrates函数存在漏洞,允许远程攻击者通过option_name和option_value参数获取管理员权限并执行任意代码。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.