Assigner | jpcert |
Reserved | 2024-05-19 |
Published | 2024-06-07 |
Updated | 2024-06-07 |
Description
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker.
Problem types
SQL Injection
Product status
References
https://wordpress.org/plugins/music-store/
https://jvn.jp/en/jp/JVN79213252/