CVE-2025-5482

The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.11. This is due to the plugin not properly validating a user-supplied key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords through the password reset functionality, including administrators, and leverage that to reset the user's password and gain access to their account.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/browser/sunshine-photo-cart/trunk/includes/functions/account.php#L303
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3305406%40sunshine-photo-cart%2Ftrunk&old=3261773%40sunshine-photo-cart%2Ftrunk&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/5311b43c-14dd-4bdd-b6d0-d6468b831968?source=cve

Configurations

No configuration.

History

04 Jun 2025, 14:54

Type	Values Removed	Values Added
Summary		(es) El complemento Sunshine Photo Cart: Free Client Photo Galleries for Photographers para WordPress es vulnerable a la escalada de privilegios mediante el robo de cuentas en todas las versiones hasta la 3.4.11 incluida. Esto se debe a que el complemento no valida correctamente la clave proporcionada por el usuario. Esto permite a atacantes autenticados, con acceso de suscriptor o superior, cambiar las contraseñas de usuarios arbitrarios mediante la función de restablecimiento de contraseña, incluyendo administradores, y aprovechar esta situación para restablecer la contraseña del usuario y acceder a su cuenta.

04 Jun 2025, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-04 08:15

Updated : 2025-06-04 14:54

NVD link : CVE-2025-5482

Mitre link : CVE-2025-5482

CVE.ORG link : CVE-2025-5482

JSON object : View

Products Affected

No product.

CWE

CWE-620

Unverified Password Change

8.8 /10