Full title: WordPress WP E-Commerce 3.8.9 SQL Injection / Cross Site Scripting 
Category: web applications
Platform: php
WordPress WP E-Commerce third party plugin version 3.8.9 suffers from cross site scripting and multiple remote SQL injection vulnerabilities.

# 0day.today @ http://0day.today/