Secunia Security Advisory - Some vulnerabilities have been reported in CandyPress Store, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
3887f96914facdba972ec08deff6ad37812041b31bea294386285f5bc6fc802a