CVE-2025-3530
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price manipulation in all versions up to, and including, 5.1.2. This is due to a logic flaw involving the inconsistent use of parameters during the cart addition process. The plugin uses the parameter 'product_tmp_two' for computing a security hash against price tampering while using 'wspsc_product' to display the product, allowing an unauthenticated attacker to substitute details from a cheaper product and bypass payment for a more expensive item.
Vendor
-
Product
-
CWE
Published
2025-04-23 08:15:14
Updated
2025-04-23 14:08:13
Source Identifier
security@wordfence.com
KEV Date Added
-
Categories
References
https://plugins.trac.wordpress.org/browser/wordpress-simple-paypal-shopping-cart/tags/5.1.2/wp_shopping_cart.php#L156
https://plugins.trac.wordpress.org/browser/wordpress-simple-paypal-shopping-cart/tags/5.1.2/wp_shopping_cart.php#L165
https://plugins.trac.wordpress.org/browser/wordpress-simple-paypal-shopping-cart/tags/5.1.2/wp_shopping_cart.php#L171
https://plugins.trac.wordpress.org/browser/wordpress-simple-paypal-shopping-cart/tags/5.1.2/wp_shopping_cart.php#L261
https://plugins.trac.wordpress.org/changeset/3275373/
https://www.tipsandtricks-hq.com/wordpress-simple-paypal-shopping-cart-plugin-768
https://www.wordfence.com/threat-intel/vulnerabilities/id/e0a3910b-adc4-4633-a6a1-32ba50894be4?source=cve