Privilege Escalation Vulnerability in Hikashop for Joomla
CVE-2025-25225

6.5MEDIUM

Key Information:

Vendor: Hikashop.com
Status: Hikashop Component For Joomla
Vendor: CVE Published:; 15 March 2025

🔔 Create Hikashop.com Vulnerability Alert

What is CVE-2025-25225?

A privilege escalation vulnerability exists in the Hikashop component for Joomla, allowing authenticated users with administrator access to escalate their permissions to Super Admin level. This could enable attackers to gain wider access and control over the Joomla environment, posing significant risks to data integrity and system security.

Affected Version(s)

Hikashop component for Joomla 1.0.0-5.1.3

References

https://www.hikashop.com/

product

https://github.com/AdamWallwork/CVEs/tree/main/2025/CVE-2...

third-party-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 15, 2025