CVE-2014-4942

Name of the Vulnerable Software and Affected Versions EasyCart (wp-easycart) versions prior to 2.0.6

Description The issue allows remote attackers to obtain configuration information by making a direct request to "inc/admin/phpinfo.php", which calls the phpinfo() function.

Recommendations For versions prior to 2.0.6, update to version 2.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the "inc/admin/phpinfo.php" file to minimize the risk of exploitation.