CVE-2013-0724 Information

Description

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before 1.8 allows remote attackers to execute arbitrary PHP code via a URL in the dompdf parameter.

Reference

http://osvdb.org/89921 http://secunia.com/advisories/51707 http://wordpress.org/plugins/wp-ecommerce-shop-styling/changelog/ http://www.securityfocus.com/bid/57768 https://exchange.xforce.ibmcloud.com/vulnerabilities/81931