CVE-2025-3874 | THREATINT

Description

The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to lack of randomization of a user controlled key. This makes it possible for unauthenticated attackers to access customer shopping carts and edit product links, add or delete products, and discover coupon codes.

PUBLISHED Reserved 2025-04-22 | Published 2025-05-01 | Updated 2026-04-08 | Assigner Wordfence

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Problem types

CWE-639 Authorization Bypass Through User-Controlled Key

Product status

Default status

unaffected

Any version

affected

Timeline

2025-04-30:

Disclosed

Credits

Jack Taylor finder

References

www.wordfence.com/...-885b-4a06-aff2-8e5ab5f83ba7?source=cve

plugins.trac.wordpress.org/...2/includes/class-wpsc-cart.php

plugins.trac.wordpress.org/...2/includes/class-wpsc-cart.php

plugins.trac.wordpress.org/...ags/5.1.2/wp_shopping_cart.php

plugins.trac.wordpress.org/...ags/5.1.2/wp_shopping_cart.php

plugins.trac.wordpress.org/...ags/5.1.2/wp_shopping_cart.php

www.tipsandtricks-hq.com/ecommerce/wp-shopping-cart

developer.wordpress.org/...e/functions/wp_generate_password/

plugins.trac.wordpress.org/changeset/3284572/

cve.org (CVE-2025-3874)

nvd.nist.gov (CVE-2025-3874)

Download JSON

help @ threatint.eu