Remote Code Execution vulnerability in Ophirah/Qquoteadv (Cart2Quote) extension due to usage of a unserialize function in PHP when receiving this from a GET request. The vulnerability can be used to remotely execute any PHP code, including full takeover or data compromise. Patch for the extension is available from the extension developers at https://cart2quote.zendesk.com/hc/en-us/articles/115000616303.
C