cleantalk
Vulnerabilities and Security Researches

Shopping Cart & eCommerce Store, CVE-2015-2673

CVE, Research URL

CVE-2015-2673

Home page URL

Security reports for Shopping Cart & eCommerce Store

Application

Shopping Cart & eCommerce Store

Published on
Oct 07, 2017
Research Description
The ec_ajax_update_option and ec_ajax_clear_all_taxrates functions in inc/admin/admin_ajax_functions.php in the WP EasyCart plugin 1.1.30 through 3.0.20 for WordPress allow remote attackers to gain administrator privileges and execute arbitrary code via the option_name and option_value parameters.
Affected versions
Min 1.1.30, max 3.0.20.
Status
vulnerable
Previous vulnerability researches
Shopping Cart & eCommerce Store (CVE-2024-7827) , Aug 21, 2024
Shopping Cart & eCommerce Store (CVE-2026-32422) , Mar 30, 2026
Shopping Cart & eCommerce Store (CVE-2021-34645) , Jun 07, 2024
Shopping Cart & eCommerce Store (CVE-2014-4942) , Jun 07, 2024
Shopping Cart & eCommerce Store (CVE-2023-1124) , Jun 07, 2024
New vulnerability
Product Feed PRO for WooCommerce (CVE-2026-32443) , Mar 30, 2026
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-24373) , Mar 30, 2026
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-32385) , Mar 30, 2026
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-32498) , Mar 30, 2026
Gallery Block (Meow Gallery) (CVE-2026-32418) , Mar 30, 2026