Vulnerability Details : CVE-2015-3300
Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allow remote attackers to inject arbitrary web script or HTML via the (1) billing_firstname, (2) billing_lastname, (3) billing_company, (4) billing_tax_id_number, (5) billing_city, (6) billing_street, (7) billing_street_2, (8) billing_postcode, (9) billing_telephone_1, (10) billing_telephone_2, (11) billing_fax, (12) shipping_firstname, (13) shipping_lastname, (14) shipping_company, (15) shipping_tax_id_number, (16) shipping_city, (17) shipping_street, (18) shipping_street_2, (19) shipping_postcode, (20) shipping_telephone_1, (21) shipping_telephone_2, or (22) shipping_fax parameter to shopping-cart/checkout/; the (23) search_by parameter in the admin/AddressesList.php page to wp-admin/admin.php; the (24) address_id, (25) address_name, (26) firstname, (27) lastname, (28) street, (29) city, (30) postcode, or (31) email parameter in the admin/AddressEdit.php page to wp-admin/admin.php; the (32) post_id or (33) rel_type parameter in the admin/AssignedCategoriesList.php page to wp-admin/admin.php; or the (34) post_type parameter in the admin/CustomFieldsList.php page to wp-admin/admin.php.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2015-3300
- Thecartpress » Thecartpress Ecommerce Shopping Cart » For WordpressVersions up to, including, (<=) 1.3.9cpe:2.3:a:thecartpress:thecartpress_ecommerce_shopping_cart:*:*:*:*:*:wordpress:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-3300
0.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 69 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-3300
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2015-3300
-
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-3300
-
https://www.exploit-db.com/exploits/36860/
WordPress Plugin TheCartPress 1.3.9 - Multiple VulnerabilitiesExploit
-
https://www.htbridge.com/advisory/HTB23254
Multiple Vulnerabilities in TheCartPress WordPress plugin - HTB23254 Security Advisory | ImmuniWebExploit
-
http://www.securityfocus.com/bid/74395
WordPress TheCartPress Plugin Multiple Security Vulnerabilities
-
http://www.securityfocus.com/archive/1/535396/100/0/threaded
SecurityFocus
-
http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html
WordPress TheCartPress 1.3.9 XSS / Local File Inclusion ≈ Packet StormExploit
-
https://wordpress.org/plugins/thecartpress/changelog/
TheCartPress eCommerce Shopping Cart – WordPress plugin | WordPress.orgPatch
Jump to