VULHUB ™

JustAddCommerce does not properly validate data contained in hidden form fields in the default configuration. As a result, an attacker can modify the data contained in the hidden fields and submit them to the server. This may be used to manipulate prices for items purchased through a website using the JustAddCommerce shopping system. It may also be possible to manipulate other data contained in hidden form fields. This issue may be present when JustAddCommerce is deployed with the "Standard Security" setting, which is the default security level. JustAddCommerce provides other security settings which will eliminate this problem.

JustAddCommerce does not properly validate data contained in hidden form fields in the default configuration. As a result, an attacker can modify the data contained in the hidden fields and submit them to the server. This may be used to manipulate prices for items purchased through a website using the JustAddCommerce shopping system. It may also be possible to manipulate other data contained in hidden form fields. This issue may be present when JustAddCommerce is deployed with the "Standard Security" setting, which is the default security level. JustAddCommerce provides other security settings which will eliminate this problem.