EUVD-2025-17529

CVE-2025-48129 | CRITICAL | Published 2025-06-09
CVSS 3.1 base score: 9.8

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

EUVD ID Assigned (EUVD-2025-17529): Mar 14, 2026 - 19:21 (source: euvd)
Analysis Generated: Mar 14, 2026 - 19:21 (source: vuln.today)
CVE Published: Jun 09, 2025 - 16:15 (source: nvd)

Description

Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light allows Privilege Escalation. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light: from n/a through 2.4.37.

Analysis

CVE-2025-48129 is an Incorrect Privilege Assignment vulnerability (CWE-266) in Holest Engineering's Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light plugin that allows unauthenticated remote attackers to escalate privileges and gain complete control over affected WordPress installations. The vulnerability affects versions up to and including 2.4.37; its critical CVSS 9.8 score reflects a network-exploitable, low-complexity privilege escalation that requires no authentication or user interaction. Confirmed active exploitation or public proof-of-concept availability would significantly elevate real-world risk, given the plugin's direct access to WooCommerce/WP E-commerce price-modification functionality.

Technical Context

The vulnerability stems from improper capability checks: the Spreadsheet Price Changer plugin fails to correctly validate a user's privilege level before granting access to price-modification functionality. This is a direct instance of CWE-266 (Incorrect Privilege Assignment), in which the plugin grants capabilities (WordPress permissions) to users without verifying their actual role or capabilities. The affected software is a WordPress plugin (CPE base: wps/holest-engineering/spreadsheet-price-changer) that integrates with WooCommerce and WP E-commerce to allow bulk price updates. The root cause likely involves inadequate capability or nonce checks in the AJAX handlers or REST API endpoints that process price-change requests. Vulnerabilities of this class in WordPress plugins commonly arise when privileged operations are executed without guards such as current_user_can() (capability check) or check_admin_referer() (nonce check), allowing anonymous or low-privileged users to perform administrative functions.
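As an added illustration (not code from the affected plugin, which this page does not include), the pattern described above for a hypothetical WooCommerce price-update AJAX handler: first registered the way that produces CWE-266, then with the nonce and capability guards WordPress provides. The action name `spc_update_price`, the `spc_update_price_*` function names, and the choice of the `manage_woocommerce` capability are assumptions.

```php
<?php
// Added example, not the affected plugin's code. The 'spc_update_price'
// action, the function names and the capability choice are hypothetical.

// VULNERABLE PATTERN (CWE-266): the handler is exposed to logged-out users via
// the wp_ajax_nopriv_ hook and performs no nonce or capability check, so any
// request that reaches admin-ajax.php can change a product's price.
add_action( 'wp_ajax_nopriv_spc_update_price', 'spc_update_price_unchecked' );
add_action( 'wp_ajax_spc_update_price', 'spc_update_price_unchecked' );
function spc_update_price_unchecked() {
    $product = wc_get_product( absint( $_POST['product_id'] ) );
    $product->set_regular_price( wc_format_decimal( $_POST['price'] ) );
    $product->save();
    wp_send_json_success();
}

// HARDENED PATTERN: no nopriv hook (the operation has no legitimate anonymous
// caller), a nonce check against CSRF, and a capability check so that only
// users WooCommerce already trusts to manage the store can change prices.
add_action( 'wp_ajax_spc_update_price', 'spc_update_price_checked' );
function spc_update_price_checked() {
    // Terminates the request with HTTP 403 if the nonce is missing or invalid.
    // The nonce is issued server-side to the admin page that makes the request
    // (e.g. wp_create_nonce('spc_update_price') via wp_localize_script).
    check_ajax_referer( 'spc_update_price', 'nonce' );

    // Check the capability the operation actually requires, not a role name.
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient privileges.' ), 403 );
    }

    // Validate and sanitize inputs before touching product data.
    $product_id = isset( $_POST['product_id'] ) ? absint( $_POST['product_id'] ) : 0;
    $price      = isset( $_POST['price'] ) ? wc_format_decimal( wp_unslash( $_POST['price'] ) ) : '';
    $product    = $product_id ? wc_get_product( $product_id ) : false;

    if ( ! $product || '' === $price || ! is_numeric( $price ) ) {
        wp_send_json_error( array( 'message' => 'Invalid product or price.' ), 400 );
    }

    $product->set_regular_price( $price );
    $product->save();
    wp_send_json_success( array( 'product_id' => $product_id, 'price' => $price ) );
}
```

For detection, the vulnerable form is recognisable in access logs as admin-ajax.php requests carrying the plugin's action parameter from sessions with no WordPress login cookie; the hardened form rejects those before any product data is read.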

Affected Products

Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light (2.4.37 and below)

Remediation

Patch: Update to version 2.4.38 or later immediately. Check the WordPress plugin repository or the vendor site for the latest version.
Priority: CRITICAL - deploy within 24 hours.
Temporary Workaround: Disable the Spreadsheet Price Changer plugin entirely until patched. Use alternative price-management methods (the manual WooCommerce admin interface or alternative plugins with verified security).
Detection & Monitoring: Monitor logs for unauthorized price-modification requests, unexpected admin capability grants, or suspicious AJAX calls to plugin endpoints. Audit user roles and capabilities immediately.
Access Control: If unable to patch immediately, restrict access to the plugin via Web Application Firewall (WAF) rules or .htaccess to block requests to plugin endpoints. Verify that no unauthorized users have gained admin access.
Post-Incident: If exploitation is suspected, audit all price changes, product data, user accounts, and plugin access logs. Reset admin passwords and review user roles.

Priority Score

49 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.0
CVSS: +49
POC: 0


EUVD-2025-17529 vulnerability details – vuln.today
