CVE-2012-5310

Name: CVE-2012-5310
Creator: NVD / NIST
Published: 2012-10-08T17:55:00.933+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.11%

Last modified Jun 16, 2026

CVE-2012-5310 is a vulnerability of currently unknown severity. SQL injection vulnerability in the WP e-Commerce plugin before 3.8.7.6 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.. EPSS estimates a 2.11% chance of exploitation in the next 30 days.

Description

SQL injection vulnerability in the WP e-Commerce plugin before 3.8.7.6 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Metrics

EPSS Probability

2.11%

79.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-89

Affected Software

Vendor	Product	Versions
Getshopped	Wp E-Commerce	<= 3.8.7.5
Getshopped	Wp E-Commerce	3.6.5
Getshopped	Wp E-Commerce	3.6.6
Getshopped	Wp E-Commerce	3.6.7
Getshopped	Wp E-Commerce	3.6.8
Getshopped	Wp E-Commerce	3.6.9
Getshopped	Wp E-Commerce	3.6.10
Getshopped	Wp E-Commerce	3.6.11
Getshopped	Wp E-Commerce	3.6.12
Getshopped	Wp E-Commerce	3.6.13
Getshopped	Wp E-Commerce	3.7
Getshopped	Wp E-Commerce	3.7.1
Getshopped	Wp E-Commerce	3.7.2
Getshopped	Wp E-Commerce	3.7.3
Getshopped	Wp E-Commerce	3.7.4
Getshopped	Wp E-Commerce	3.7.5
Getshopped	Wp E-Commerce	3.7.5.1
Getshopped	Wp E-Commerce	3.7.5.2
Getshopped	Wp E-Commerce	3.7.5.3
Getshopped	Wp E-Commerce	3.7.6
Getshopped	Wp E-Commerce	3.7.6.1
Getshopped	Wp E-Commerce	3.7.6.2
Getshopped	Wp E-Commerce	3.7.6.3
Getshopped	Wp E-Commerce	3.7.6.4
Getshopped	Wp E-Commerce	3.7.6.5
Getshopped	Wp E-Commerce	3.7.6.6
Getshopped	Wp E-Commerce	3.7.6.7
Getshopped	Wp E-Commerce	3.7.6.9
Getshopped	Wp E-Commerce	3.7.7
Getshopped	Wp E-Commerce	3.7.8
Getshopped	Wp E-Commerce	3.7.8.1
Getshopped	Wp E-Commerce	3.7.8.2
Getshopped	Wp E-Commerce	3.7.8.3
Getshopped	Wp E-Commerce	3.8
Getshopped	Wp E-Commerce	3.8.1
Getshopped	Wp E-Commerce	3.8.2
Getshopped	Wp E-Commerce	3.8.3
Getshopped	Wp E-Commerce	3.8.4
Getshopped	Wp E-Commerce	3.8.5
Getshopped	Wp E-Commerce	3.8.6
Getshopped	Wp E-Commerce	3.8.6.1
Getshopped	Wp E-Commerce	3.8.7
Getshopped	Wp E-Commerce	3.8.7.1
Getshopped	Wp E-Commerce	3.8.7.2
Getshopped	Wp E-Commerce	3.8.7.3
Getshopped	Wp E-Commerce	3.8.7.4
Getshopped	Wp E-Commerce	3.8.8

References

Timeline

Published: Oct 8, 2012
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2012-5310?

SQL injection vulnerability in the WP e-Commerce plugin before 3.8.7.6 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

How severe is CVE-2012-5310?

Severity scoring for CVE-2012-5310 is pending analysis. The EPSS model estimates a 2.11% probability of exploitation in the next 30 days.

How do I fix CVE-2012-5310?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-5310?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST