CVE-2025-3876

SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction Function

CVSS 8.8 HIGHEPSS 0.4%CWE-862

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 8.8EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

10 mai 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction() function in all versions up to, and including, 3.8.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to impersonate any account by supplying its username or email and elevate their privileges to that of an administrator.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

cozyvision1 · SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://plugins.trac.wordpress.org/browser/sms-alert/tags/3.8.0/handler/forms/class-wplogin.php#L145 https://plugins.trac.wordpress.org/browser/sms-alert/tags/3.8.0/handler/forms/class-wplogin.php#L447 https://plugins.trac.wordpress.org/changeset/3290478/https://wordpress.org/plugins/sms-alert/#developers https://www.wordfence.com/threat-intel/vulnerabilities/id/1cf65f79-d386-4dd4-a360-b2f764dfaf19?source=cve