Logic Flaw in Simple Shopping Cart Plugin for WordPress
CVE-2025-3530

7.5HIGH

Key Information:

Vendor
WordPress
Status
WordPress Simple Shopping Cart
Vendor
CVE Published:
23 April 2025

Summary

The Simple Shopping Cart plugin for WordPress contains a logic flaw that allows an attacker to manipulate product prices. This vulnerability arises from the inconsistent use of parameters during the cart addition process. Specifically, while the plugin generates a security hash using the 'product_tmp_two' parameter to prevent price tampering, it displays the product using 'wspsc_product'. This inconsistency enables an unauthenticated attacker to replace product details with those from a less expensive item, thus facilitating payment bypass for higher-priced products. It is crucial for users to ensure they are using the latest version of the plugin to mitigate this risk.

Affected Version(s)

WordPress Simple Shopping Cart * <= 5.1.2

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...
https://plugins.trac.wordpress.org/browser/wordpress-simp...
https://plugins.trac.wordpress.org/browser/wordpress-simp...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jack Taylor
.