WP eCommerce
cpe:2.3:a:getshopped:wp_e-commerce:*:*:*:*:*:*:*
- <= 3.15.1
A PHP Object Injection vulnerability has been identified in the WP eCommerce WordPress plugin, affecting versions through 3.15.1. The issue arises because the plugin unserializes user input via AJAX actions, which could enable unauthenticated users to perform object injection when a suitable gadget is available on the blog.
Exploitation of this vulnerability allows for PHP Object Injection, which could lead to arbitrary code execution or other malicious actions, depending on the injected object and the application's context.
To reproduce this vulnerability, send a POST request to '/wp-admin/admin-ajax.php' with the 'action' parameter set to 'wpsc_update_customer_meta'. Include a malicious serialized payload in the 'meta_value' parameter. After injecting the payload, verify its persistence by requesting the same meta key, which should return the injected data, indicating successful exploitation.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.