2025-04-23 07:06:49
Wordfence
PUBLISHED
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price manipulation in all versions up to, and including, 5.1.2. This is due to a logic flaw involving the inconsistent use of parameters during the cart addition process. The plugin uses the parameter product_tmp_two for computing a security hash against price tampering while using wspsc_product to display the product, allowing an unauthenticated attacker to substitute details from a cheaper product and bypass payment for a more expensive item.