Description
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.1.2 via the 'file_url' parameter. This makes it possible for unauthenticated attackers to view potentially sensitive information and download a digital product without paying for it.
Published: 2025-04-23
Score: 8.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Information Exposure
Action: Patch Immediately
AI Analysis

Impact

The WordPress Simple Shopping Cart plugin discloses sensitive information through the file_url parameter. An attacker with no credentials on the site can use it to retrieve digital product files that the plugin serves, which exposes whatever those files contain and lets the attacker obtain a paid product without completing a purchase.

Affected Systems

All installations of the WordPress Simple Shopping Cart plugin at version 5.1.2 or earlier are affected. The issue lies in the plugin's handling of the file_url parameter: according to the advisory, an unauthenticated request can use it to obtain a product file, so whatever access control the purchase flow is meant to provide is not applied on that path.

Risk and Exploitability

The CVSS 3.1 score of 8.2 places this issue in the high severity range. The vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N) records a network-reachable, low-complexity flaw that needs no privileges and no user interaction, with a limited confidentiality impact and a high integrity impact; the integrity rating reflects the bypass of the payment step rather than any change to site data. The EPSS score of less than 1% indicates a low estimated probability of exploitation in the wild at this time, and the vulnerability is not listed in the CISA KEV catalog. The advisory publishes no exploit details; from the description it is inferred that an attacker triggers the exposure by sending a request that includes a file_url parameter naming the wanted file, without any site credentials. Because no credentials are needed, the probe is cheap to run against any exposed site, so a low EPSS should not be read as low risk for a shop that sells digital products.

Generated by OpenCVE AI on April 22, 2026 at 04:13 UTC.
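One check a site operator can run before any fix lands is to go through the web server access log and list every request that carried a file_url parameter, what it pointed at, and whether the server actually served it. The script below is an added example and is not code from OpenCVE, Wordfence or the plugin. It assumes the Apache/nginx combined log format and that the parameter arrives in the query string (the description names only the parameter, not the endpoint, so the script matches any path); the sample lines are constructed, with documentation-range addresses and invented file names.

```python
import re
from typing import Dict, Iterable, List, Optional
from urllib.parse import parse_qs, urlsplit

# Apache/nginx "combined" log format. Assumption for this example: the shop's
# front end logs in this format and the file_url parameter arrives in the
# query string, which is where the CVE description places it.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines (documentation-range addresses, invented file
# names). Line 1 is an ordinary page view, lines 2-4 carry file_url, and the
# last line shows the parser skipping input it cannot read.
SAMPLE_LOG = """\
203.0.113.10 - - [23/Apr/2025:08:15:14 +0000] "GET /shop/ HTTP/1.1" 200 5123 "https://shop.example/" "Mozilla/5.0"
198.51.100.7 - - [23/Apr/2025:08:16:02 +0000] "GET /?file_url=https%3A%2F%2Fshop.example%2Fwp-content%2Fuploads%2Febook.pdf HTTP/1.1" 200 204800 "-" "curl/8.5.0"
198.51.100.7 - - [23/Apr/2025:08:16:05 +0000] "GET /?file_url=https%3A%2F%2Fshop.example%2Fwp-content%2Fuploads%2Fvideo-course.zip HTTP/1.1" 200 52428800 "-" "curl/8.5.0"
192.0.2.44 - - [23/Apr/2025:08:20:41 +0000] "GET /checkout/?file_url=%2Fwp-content%2Fuploads%2Fmissing.pdf HTTP/1.1" 404 312 "-" "python-requests/2.32"
this line is not in combined format and is skipped
"""


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Split one combined-format line into fields, or None if it does not parse."""
    m = LOG_RE.match(line.rstrip("\r\n"))
    return m.groupdict() if m else None


def find_file_url_requests(lines: Iterable[str]) -> List[Dict[str, object]]:
    """Return one record per request whose query string carries file_url."""
    hits: List[Dict[str, object]] = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        # parse_qs percent-decodes, so the value shows what the caller asked for.
        values = parse_qs(urlsplit(rec["target"]).query, keep_blank_values=True).get("file_url")
        if not values:
            continue
        hits.append({
            "ip": rec["ip"],
            "time": rec["ts"],
            "file_url": values[0],
            "status": int(rec["status"]),
            "bytes": 0 if rec["size"] == "-" else int(rec["size"]),
            "user_agent": rec["ua"],
            # A 200 means the file left the server; that is the event to chase.
            # A 4xx/5xx is an attempt that did not succeed.
            "served": rec["status"] == "200",
        })
    return hits


def count_by_ip(hits: List[Dict[str, object]]) -> Dict[str, int]:
    """Requests per source address, to spot one client sweeping the catalogue."""
    counts: Dict[str, int] = {}
    for h in hits:
        ip = str(h["ip"])
        counts[ip] = counts.get(ip, 0) + 1
    return counts


if __name__ == "__main__":
    found = find_file_url_requests(SAMPLE_LOG.splitlines())
    for h in found:
        flag = "SERVED" if h["served"] else "failed"
        print(f'{flag} {h["time"]} {h["ip"]:<14} {h["status"]} {h["bytes"]:>9}B {h["file_url"]} ({h["user_agent"]})')
    print("requests per source:", count_by_ip(found))
```

Run it against the real log with `find_file_url_requests(open("/var/log/nginx/access.log"))` and treat every served hit from an address that never completed checkout as a lost sale at best. A file_url sent in a POST body does not appear in a standard access log; catching that needs request-body logging or a WAF log.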

Remediation

No vendor fix or workaround is recorded for this entry; the advisory gives only the affected range (all versions up to and including 5.1.2) and does not name a fixed release.

OpenCVE Recommended Actions

  • Upgrade the WordPress Simple Shopping Cart plugin to a release later than 5.1.2, after confirming from the vendor's changelog or the Wordfence advisory that it addresses the file_url issue; this record does not name a fixed version.
  • If an immediate upgrade is not feasible, configure the web server or reverse proxy to reject requests that carry a file_url parameter (in the query string or a POST body) before they reach the plugin. Test checkout and delivery afterwards: if the plugin's own download links use that parameter, the block will stop legitimate paid downloads as well.
  • Require proof of purchase or an authenticated session before any digital product is delivered: have the server resolve the file from the order record rather than from a client-supplied location, and verify a short-lived, purchase-bound token at download time.

Generated by OpenCVE AI on April 22, 2026 at 04:13 UTC.
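The third action, as a worked example of the delivery-side check (added here; not the plugin's code and not a published fix for this CVE): the server never accepts a file location from the client. A completed purchase issues a short-lived HMAC-signed token bound to the order id, and the download endpoint verifies the signature, re-reads the order record, re-checks that it is paid, and only then resolves the file from a server-side map. ORDERS, PRODUCT_FILES, SECRET_KEY, issue_download_token and check_download are assumed names for this example; a WordPress implementation would back the two tables with the shop's database and keep the secret outside the web root.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional, Tuple

# Constructed secret for the example; a real deployment loads it from
# configuration, never from the request and never from source control.
SECRET_KEY = b"example-only-secret-rotate-me"

# Server-side map from product id to the file that is served. The client never
# supplies a location; a client-controlled file_url is exactly the input this
# design refuses to accept.
PRODUCT_FILES = {
    "ebook": "/srv/products/ebook.pdf",
    "course": "/srv/products/video-course.zip",
}

# Constructed order records standing in for the shop's database.
ORDERS = {
    "ord-1001": {"product": "ebook", "paid": True},
    "ord-1002": {"product": "course", "paid": False},  # checkout abandoned
}


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(body: str) -> str:
    return hmac.new(SECRET_KEY, body.encode("ascii"), hashlib.sha256).hexdigest()


def issue_download_token(order_id: str, now: Optional[int] = None, ttl: int = 3600) -> Optional[str]:
    """Return a signed, expiring token for a paid order, or None if it is not paid."""
    order = ORDERS.get(order_id)
    if order is None or not order["paid"]:
        return None
    now = int(time.time()) if now is None else now
    payload = {"order": order_id, "exp": now + ttl}
    body = _b64e(json.dumps(payload, sort_keys=True, separators=(",", ":")).encode())
    return f"{body}.{_sign(body)}"


def check_download(token: str, now: Optional[int] = None) -> Tuple[bool, str]:
    """Validate a token and return (allowed, file_path) or (False, reason)."""
    now = int(time.time()) if now is None else now
    body, sep, sig = token.partition(".")
    if not sep or not body or not sig:
        return False, "malformed token"
    # Constant-time comparison of the recomputed MAC, checked first so nothing
    # below ever parses bytes the client could have chosen.
    if not hmac.compare_digest(_sign(body), sig):
        return False, "bad signature"
    try:
        payload = json.loads(_b64d(body))
        order_id, exp = payload["order"], int(payload["exp"])
    except (ValueError, KeyError, TypeError):
        return False, "malformed token"
    if now >= exp:
        return False, "expired"
    # Re-check payment at download time: a refund after the token was issued
    # must revoke access, so the token points at the order, it is not proof of payment.
    order = ORDERS.get(order_id)
    if order is None or not order["paid"]:
        return False, "order not paid"
    path = PRODUCT_FILES.get(order["product"])
    if path is None:
        return False, "unknown product"
    return True, path


if __name__ == "__main__":
    t0 = 1_700_000_000
    tok = issue_download_token("ord-1001", now=t0)
    print("paid order   :", check_download(tok, now=t0 + 10))
    print("unpaid order :", issue_download_token("ord-1002", now=t0))
    print("expired      :", check_download(tok, now=t0 + 7200))
    print("tampered     :", check_download(tok[:-1] + ("0" if tok[-1] != "0" else "1"), now=t0 + 10))
```

The token carries no file name and no price, only an order id and an expiry, so a leaked or replayed token is worth one product for one hour and nothing once the order is refunded. The path returned by check_download should then be streamed by the application from a directory the web server does not serve directly, so that knowing the location alone is never enough to fetch the file.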

Advisories
Source: EUVD
ID: EUVD-2025-12243
Title: The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.1.2 via the 'file_url' parameter. This makes it possible for unauthenticated attackers to view potentially sensitive information and download a digital product without paying for it.
History

Wed, 23 Apr 2025 07:30:00 +0000

Values added (initial record; nothing removed):
Description: The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.1.2 via the 'file_url' parameter. This makes it possible for unauthenticated attackers to view potentially sensitive information and download a digital product without paying for it.
Title: WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Information Exposure via file_url Parameter
Weaknesses: CWE-201 (Insertion of Sensitive Information Into Sent Data)
References:
Metrics: cvssV3_1, score 8.2, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N



MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:06:39.611Z

Reserved: 2025-04-11T20:42:09.953Z

Link: CVE-2025-3529

Vulnrichment

No data.

NVD

Status: Deferred

Published: 2025-04-23T08:15:14.527

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-3529

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T04:15:07Z

Weaknesses