Back to overview

CVE-2026-7655

HIGH
8.1
CVSS 3.1
Description
The SureCart plugin for WordPress is vulnerable to privilege escalation via account takeover in versions up to, and including, 4.2.3. This is due to the plugin not properly validating a user's identity prior to updating their details like email during customer profile synchronization from webhook events. This makes it possible for unauthenticated attackers to change linked user's email addresses, including administrators if the administrator account is linked to a SureCart customer record, and leverage that to reset the user's password and gain access to their account if the customer ID is known.

Metadata

CVE ID
CVE-2026-7655
State
PUBLISHED
Assigner
Wordfence
Reserved
2026-05-01 18:32 UTC
Published
2026-07-11 04:32 UTC
Last updated
2026-07-11 04:32 UTC
Primary CWE
CWE-640
CWE-640 Weak Password Recovery Mechanism for Forgotten Passw…
Vendor / Product
surecart / SureCart – Ecommerce Made Easy For Selling Physical Products, Digital Downloads, Subscriptions, Donations, & Payments
Sources
cve.org  ·  NVD

Severity & Metrics

8.1 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products (1)
VendorProductPlatformVersions
surecart SureCart – Ecommerce Made Easy For Selling Physical Products, Digital Downloads, Subscriptions, Donations, & Payments 0 ≤ 4.2.3
Weakness (CWE)
CWESourceDescription
CWE-640 cna CWE-640 Weak Password Recovery Mechanism for Forgotten Password
CVSS scores (1)
ScoreSeverityVersionSourceVector
8.1 HIGH 3.1 cna CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Back to overview