Vulnerability Description
The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.11. This is due to the plugin not properly validating a user-supplied key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords through the password reset functionality, including administrators, and leverage that to reset the user's password and gain access to their account.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sunshinephotocart | Sunshine Photo Cart | < 3.4.12 |
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/browser/sunshine-photo-cart/trunk/includes/fuProduct
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&newPatch
- https://www.wordfence.com/threat-intel/vulnerabilities/id/5311b43c-14dd-4bdd-b6dThird Party Advisory
FAQ
What is CVE-2025-5482?
CVE-2025-5482 is a vulnerability with a CVSS score of 8.8 (HIGH). The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.11. Thi...
How severe is CVE-2025-5482?
CVE-2025-5482 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-5482?
Check the references section above for vendor advisories and patch information. Affected products include: Sunshinephotocart Sunshine Photo Cart.