TheCartPress 1.3.9 WordPress plugin Security Vulnerabilities Notification | WordPress.org

Resolved htbridge
(@htbridge)

9 years ago

Hello,

High-Tech Bridge Security Research Lab has discovered multiple security vulnerabilities in TheCartPress 1.3.9 WordPress plugin.

Preview available here: https://www.htbridge.com/advisory/HTB23254

Developers can contact us by email for details: advisory (at) htbridge.com

For any questions related to this notification message – please visit our General Information & Disclosure Policy page: https://www.htbridge.com/advisory/disclosure_policy.html

Best regards,
High-Tech Bridge Security Research Lab

https://wordpress.org/plugins/thecartpress/

Viewing 3 replies - 1 through 3 (of 3 total)

jwoertz
(@jwoertz)

9 years ago

So what are we supposed to do now?

Thread Starter htbridge
(@htbridge)

8 years, 11 months ago

Security Advisory was updated: https://www.htbridge.com/advisory/HTB23254

Solution:

Update to TheCartPress 1.3.9.3

More Information:
https://wordpress.org/plugins/thecartpress/changelog/
http://www.securityweek.com/flaws-wordpress-ecommerce-plugin-expose-over-5000-websites

Thread Starter htbridge
(@htbridge)

8 years, 11 months ago

Resolved

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘TheCartPress 1.3.9 WordPress plugin Security Vulnerabilities Notification’ is closed to new replies.

Tags

xss

In: Plugins
3 replies
2 participants
Last reply from: htbridge
Last activity: 8 years, 11 months ago
Status: resolved