CVE-2025-4335
📋 TL;DR
The WooCommerce Multiple Addresses plugin for WordPress has a privilege escalation vulnerability that allows authenticated users with Subscriber-level access or higher to elevate their privileges to Administrator. This occurs due to insufficient restrictions in the save_multiple_shipping_addresses() function. All WordPress sites using this plugin up to version 1.0.7.1 are affected.
💻 Affected Systems
- WooCommerce Multiple Addresses WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers gain full administrative control over the WordPress site, allowing them to install malicious plugins/themes, modify content, steal sensitive data, or take the site offline.
Likely Case
Attackers elevate privileges to administrator and install backdoors, create new admin accounts, or modify e-commerce settings to redirect payments.
If Mitigated
With proper access controls and monitoring, attackers may be detected during privilege escalation attempts before causing significant damage.
🎯 Exploit Status
Exploitation requires authenticated access but is straightforward once an attacker has a valid user account.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.7.2 or later
Vendor Advisory: https://plugins.trac.wordpress.org/browser/woocommerce-multiple-addresses/trunk/class-woocommerce-multiple-addresses.php#L522
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'WooCommerce Multiple Addresses'. 4. Click 'Update Now' if available. 5. Alternatively, download version 1.0.7.2+ from WordPress.org and manually update.
🔧 Temporary Workarounds
Disable Plugin
allTemporarily deactivate the vulnerable plugin until patched
wp plugin deactivate woocommerce-multiple-addresses
Restrict User Registration
allDisable new user registration to prevent attackers from creating accounts
🧯 If You Can't Patch
- Disable the WooCommerce Multiple Addresses plugin immediately
- Implement strict user role monitoring and review all administrator accounts for unauthorized changes
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Installed Plugins → WooCommerce Multiple Addresses versionCheck Version:
wp plugin get woocommerce-multiple-addresses --field=versionVerify Fix Applied:
Verify plugin version is 1.0.7.2 or higher after update📡 Detection & Monitoring
Log Indicators:
- Unusual user role changes from subscriber/author to administrator
- Multiple failed privilege escalation attempts in WordPress logs
- Unexpected modifications to user_meta database table
Network Indicators:
- POST requests to /wp-admin/admin-ajax.php with action=save_multiple_shipping_addresses from non-admin users
SIEM Query:
source="wordpress" AND (event="user_role_change" OR event="privilege_escalation_attempt")