{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-11457", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-07T18:32:16.049Z", "datePublished": "2025-11-11T03:30:43.033Z", "dateUpdated": "2026-04-08T17:03:15.415Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:03:15.415Z"}, "affected": [{"vendor": "easycommerce", "product": "EasyCommerce \u2013 AI-Powered WordPress Ecommerce Plugin to Sell Digital Products, Subscriptions & Physical Goods", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.8.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The EasyCommerce \u2013 AI-Powered, Fast & Beautiful WordPress Ecommerce Plugin plugin for WordPress is vulnerable to Privilege Escalation in versions 0.9.0-beta2 to 1.8.2. This is due to the /easycommerce/v1/orders REST API endpoint not properly restricting the ability for users to select roles during registration. This makes it possible for unauthenticated attackers to gain administrator-level access to a vulnerable site."}], "title": "EasyCommerce \u2013 AI-Powered, Blazing-Fast & Beautiful WordPress Ecommerce Plugin 0.9.0-beta2 - 1.8.2 - Unauthenticated Privilege Escalation", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ebe84ba-abc1-410c-b315-118746ff235a?source=cve"}, {"url": "https://wordpress.org/plugins/easycommerce/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3392029/easycommerce/trunk/app/Abstracts/User.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-269 Improper Privilege Management", "cweId": "CWE-269", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "type": "finder", "value": "Kenneth Dunn"}], "timeline": [{"time": "2025-11-10T15:10:06.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-14T15:25:23.838688Z", "id": "CVE-2025-11457", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-14T15:31:28.650Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-11457", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-11-14T15:25:23.838688Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-14T15:25:24.460Z"}}], "cna": {"title": "EasyCommerce \u2013 AI-Powered, Blazing-Fast & Beautiful WordPress Ecommerce Plugin 0.9.0-beta2 - 1.8.2 - Unauthenticated Privilege Escalation", "credits": [{"lang": "en", "type": "finder", "value": "Kenneth Dunn"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "easycommerce", "product": "EasyCommerce \u2013 AI-Powered WordPress Ecommerce Plugin to Sell Digital Products, Subscriptions & Physical Goods", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.8.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-10T15:10:06.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ebe84ba-abc1-410c-b315-118746ff235a?source=cve"}, {"url": "https://wordpress.org/plugins/easycommerce/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3392029/easycommerce/trunk/app/Abstracts/User.php"}], "descriptions": [{"lang": "en", "value": "The EasyCommerce \u2013 AI-Powered, Fast & Beautiful WordPress Ecommerce Plugin plugin for WordPress is vulnerable to Privilege Escalation in versions 0.9.0-beta2 to 1.8.2. This is due to the /easycommerce/v1/orders REST API endpoint not properly restricting the ability for users to select roles during registration. This makes it possible for unauthenticated attackers to gain administrator-level access to a vulnerable site."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:03:15.415Z"}}}, "cveMetadata": {"cveId": "CVE-2025-11457", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:03:15.415Z", "dateReserved": "2025-10-07T18:32:16.049Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-11T03:30:43.033Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The EasyCommerce \u2013 AI-Powered, Fast & Beautiful WordPress Ecommerce Plugin plugin for WordPress is vulnerable to Privilege Escalation in versions 0.9.0-beta2 to 1.8.2. This is due to the /easycommerce/v1/orders REST API endpoint not properly restricting the ability for users to select roles during registration. This makes it possible for unauthenticated attackers to gain administrator-level access to a vulnerable site."}], "id": "CVE-2025-11457", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-11T04:15:41.627", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3392029/easycommerce/trunk/app/Abstracts/User.php"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/easycommerce/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ebe84ba-abc1-410c-b315-118746ff235a?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T12:25:34.171114+00:00", "value": {"mitigation_remediation": ["Upgrade the EasyCommerce plugin to the latest version (\u22651.8.3) that removes the role selection flaw.", "If an upgrade is not immediately possible, block unauthenticated access to the /easycommerce/v1/orders endpoint using a firewall or plugin settings.", "Review user registration and role assignment configurations to ensure only authenticated, authorized users can assign privileged roles.", "Deploy a Web Application Firewall rule that rejects any request attempting to specify an admin role during registration."], "summary": {"action": "Immediate Patch", "impact": "Unauthenticated Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The flaw affects EasyCommerce \u2013 AI\u2011Powered WordPress Ecommerce Plugin versions 0.9.0\u2011beta2 through 1.8.2. Any site running this plugin within that range is vulnerable, regardless of other configurations. The plugin is distributed via the official WordPress plugin repository and used to sell digital products, subscriptions, and physical goods.", "description_and_impact": "The vulnerability resides in the /easycommerce/v1/orders REST API of the EasyCommerce WordPress plugin. The endpoint fails to enforce role restrictions during user registration, permitting any unauthenticated caller to specify an elevated role. This flaw allows an attacker with no credentials to submit a request that promotes the new user to an administrator, thereby gaining full control of the WordPress site. The flaw is a clear instance of improper authorization (CWE-269) that can compromise confidentiality, integrity, and availability.", "risk_and_exploitability": "With an unscoped Privilege Escalation CVSS score of 9.8, the risk is severe. The EPSS score is under 1\u202f%, indicating that current automation targeting this issue is rare, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Nonetheless, the attack vector is straightforward: a remote attacker can issue an unauthenticated REST request to the vulnerable endpoint, supply parameters that assign an administrator role, and immediately gain full administrative access. Because no authentication or privilege checks precede role assignment, exploitation requires minimal technical skill or resources."}}}}, "created": "2025-11-12T12:48:00.161422+00:00", "updated": "2026-04-22T12:30:16.834241+00:00", "vendors": ["easycommerce", "easycommerce$PRODUCT$ai-powered_wordpress_ecommerce_plugin", "wordpress", "wordpress$PRODUCT$wordpress"]}