Intrusion Prevention

WordPress.WP.E.Commerce.Plugin.cart.message.XSS

Description

This indicates an attack attempt to exploit a Cross Site Scripting vulnerability in WordPress WP e-Commerce Plug-in.
The vulnerability is a result of the application's failure to sanitize inputs from users. A remote attacker can execute arbitrary script code within the context of the application.

Affected Products

WordPress WP e-Commerce 3.8.6 and earlier versions.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version available from the website.
http://wordpress.org/extend/plugins/wp-e-commerce/