CVE-2015-3300

Name of the Vulnerable Software and Affected Versions TheCartPress eCommerce Shopping Cart plugin for WordPress versions prior to 1.3.9.3

Description The issue allows remote attackers to inject arbitrary web script or HTML via various parameters, including billing firstname, billing lastname, billing company, billing tax id number, billing city, billing street, billing street 2, billing postcode, billing telephone 1, billing telephone 2, billing fax, shipping firstname, shipping lastname, shipping company, shipping tax id number, shipping city, shipping street, shipping street 2, shipping postcode, shipping telephone 1, shipping telephone 2, shipping fax, search by, address id, address name, firstname, lastname, street, city, postcode, email, post id, rel type, and post type in specific API endpoints, such as "shopping-cart/checkout/", "admin/AddressesList.php", "admin/AddressEdit.php", "admin/AssignedCategoriesList.php", and "admin/CustomFieldsList.php".

Recommendations For versions prior to 1.3.9.3, update to version 1.3.9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable parameters and API endpoints until the update is applied. Avoid using the vulnerable parameters in the affected API endpoints until the issue is resolved.