CVE-2025-5482

EPSS 0.48%
Veröffentlicht 04.06.2025 07:21:45
Zuletzt bearbeitet 11.07.2025 18:50:03
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

Sunshine Photo Cart <= 3.4.11 - Authenticated (Subscriber+) Privilege Escalation

The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.11. This is due to the plugin not properly validating a user-supplied key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords through the password reset functionality, including administrators, and leverage that to reset the user's password and gain access to their account.

Mögliche Gegenmaßnahme

Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for Photographers: Update to version 3.4.12, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

NVD 1 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sunshinephotocart ≫ Sunshine Photo Cart SwPlatformwordpress Version < 3.4.12

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt Sunshine Photo Cart – Client Photo Gallery & Photo Proofing for Photographers

Version *-3.4.11

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.48%	0.375

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@wordfence.com	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-620 Unverified Password Change

When setting a new password for a user, the product does not require knowledge of the original password, or using another form of authentication.

https://www.wordfence.com/threat-intel/vulnerabilities/id/5311b43c-14dd-4bdd-b6d0-d6468b831968?source=cve

Third Party Advisory

https://plugins.trac.wordpress.org/browser/sunshine-photo-cart/trunk/includes/functions/account.php#L303

Product

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3305406%40sunshine-photo-cart%2Ftrunk&old=3261773%40sunshine-photo-cart%2Ftrunk&sfp_email=&sfph_mail=

Patch

https://www.wordfence.com/threat-intel/vulnerabilities/id/5311b43c-14dd-4bdd-b6d0-d6468b831968

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-5482

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-5482

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-5482

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-5482