CVE-2019-9184

Name of the Vulnerable Software and Affected Versions J2Store plugin versions 3.x before 3.3.7 for Joomla!

Description The issue allows remote attackers to execute arbitrary SQL commands via the product option[] parameter. This can lead to unauthorized access and manipulation of database content.

Recommendations For J2Store plugin versions 3.x before 3.3.7, update to version 3.3.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable product option[] parameter until a patch is applied.