CVE-2025-3876

EPSS 0.37%
Veröffentlicht 10.05.2025 11:22:45
Zuletzt bearbeitet 21.05.2025 13:35:09
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction Function

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction() function in all versions up to, and including, 3.8.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to impersonate any account by supplying its username or email and elevate their privileges to that of an administrator.

Mögliche Gegenmaßnahme

SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery: Update to version 3.8.2, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 9

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cozyvision ≫ Sms Alert Order Notifications SwEditionfree SwPlatformwordpress Version < 3.8.2

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery

Version *-3.8.1

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.37%	0.288

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security@wordfence.com	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://wordpress.org/plugins/sms-alert/#developers

Release Notes

https://www.wordfence.com/threat-intel/vulnerabilities/id/1cf65f79-d386-4dd4-a360-b2f764dfaf19?source=cve

Third Party Advisory

https://plugins.trac.wordpress.org/browser/sms-alert/tags/3.8.0/handler/forms/class-wplogin.php#L447

Product

https://plugins.trac.wordpress.org/browser/sms-alert/tags/3.8.0/handler/forms/class-wplogin.php#L145

Product

https://plugins.trac.wordpress.org/changeset/3290478/

Patch

https://www.wordfence.com/threat-intel/vulnerabilities/id/1cf65f79-d386-4dd4-a360-b2f764dfaf19

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-3876

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-3876

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-3876

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-3876