Vulnerabilities

CVE-2025-8570

by Fred · 11/09/2025

The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper JWT secret management and authorization within the determine_current_user filter in versions 1.4.2 through 2.1.0. This makes it possible for unauthenticated attackers to craft valid tokens and assume any user’s identity.

More information : https://wordpress.org/plugins/beyondcart/#developers

Similar

Tags: Cybersecurity Alert