CVE-2025-5813
📋 TL;DR
The Amazon Products to WooCommerce WordPress plugin has an authentication bypass vulnerability that allows unauthenticated attackers to create new products without proper authorization. This affects all WordPress sites using this plugin up to and including version 1.2.7. Attackers can exploit this to add malicious or fraudulent products to WooCommerce stores.
💻 Affected Systems
- Amazon Products to WooCommerce WordPress plugin
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Attackers flood the site with malicious products containing harmful content, SEO spam, or phishing links, potentially damaging business reputation and search engine rankings.
Likely Case
Attackers create spam products to promote malicious websites, generate fake inventory, or disrupt normal store operations.
If Mitigated
With proper monitoring and quick response, impact is limited to temporary store disruption and cleanup of unauthorized products.
🎯 Exploit Status
The vulnerability is simple to exploit via direct HTTP requests to the vulnerable callback function without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.2.8 or later
Vendor Advisory: https://plugins.trac.wordpress.org/browser/import-products-to-wc/trunk/inc/functions.php
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Go to Plugins → Installed Plugins.
3. Find 'Amazon Products to WooCommerce'.
4. Click 'Update Now' if available.
5. If no update appears, manually download version 1.2.8+ from WordPress.org and replace the plugin files.
🔧 Temporary Workarounds
Disable vulnerable plugin
Temporarily deactivate the plugin until patched
wp plugin deactivate import-products-to-wc
Web Application Firewall rule
Block requests to the vulnerable callback endpoint
Block HTTP requests containing 'wcta2w_get_amazon_product_callback' in URL
🧯 If You Can't Patch
- Remove the plugin completely if not essential for business operations
- Implement strict monitoring of product creation logs and set up alerts for suspicious activity
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Amazon Products to WooCommerce → Version. If version is 1.2.7 or lower, you are vulnerable.
Check Version:
wp plugin get import-products-to-wc --field=version
Verify Fix Applied:
After updating, verify plugin version shows 1.2.8 or higher in WordPress admin panel.
📡 Detection & Monitoring
Log Indicators:
- Unusual product creation events from unauthenticated IPs
- Multiple POST requests to /wp-admin/admin-ajax.php with action 'wcta2w_get_amazon_product_callback'
Network Indicators:
- HTTP POST requests to admin-ajax.php with the vulnerable callback parameter from external IPs
SIEM Query:
source="wordpress.log" AND "wcta2w_get_amazon_product_callback" AND (user="-" OR user="unauthenticated")
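The log and network indicators above can be turned into a small detector. The following Python script is an added example, not part of this advisory or the plugin: it parses combined-format (Apache/nginx) access-log lines, flags POST requests to admin-ajax.php whose query string carries the `wcta2w_get_amazon_product_callback` action, and reports per-IP bursts and hits with no HTTP-auth user. The sample log lines are constructed. Two caveats a practitioner should keep in mind: admin-ajax.php also accepts the `action` parameter in the POST body, which a plain access log does not record, so body-level coverage needs a WAF or application log; and the `-` user field in an access log only means no HTTP basic-auth user was sent, since WordPress cookie sessions are not visible there, so treat it as a weak signal rather than proof the caller was unauthenticated.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Action name taken from the advisory's indicators.
VULN_ACTION = "wcta2w_get_amazon_product_callback"

# Combined log format (Apache/nginx default). Assumption: your web server logs this shape.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample: three rapid hits from one external IP with no auth user,
# one hit from an IP that supplied a basic-auth user, and one unrelated heartbeat call.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jun/2025:12:00:01 +0000] "POST /wp-admin/admin-ajax.php?action=wcta2w_get_amazon_product_callback HTTP/1.1" 200 512 "-" "python-requests/2.32"
203.0.113.7 - - [10/Jun/2025:12:00:02 +0000] "POST /wp-admin/admin-ajax.php?action=wcta2w_get_amazon_product_callback HTTP/1.1" 200 512 "-" "python-requests/2.32"
203.0.113.7 - - [10/Jun/2025:12:00:03 +0000] "POST /wp-admin/admin-ajax.php?action=wcta2w_get_amazon_product_callback HTTP/1.1" 200 512 "-" "python-requests/2.32"
198.51.100.4 - admin [10/Jun/2025:12:05:00 +0000] "POST /wp-admin/admin-ajax.php?action=wcta2w_get_amazon_product_callback HTTP/1.1" 200 512 "https://shop.example/wp-admin/" "Mozilla/5.0"
192.0.2.9 - - [10/Jun/2025:12:06:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 80 "https://shop.example/" "Mozilla/5.0"
"""


def parse_line(line: str):
    """Parse one combined-format access-log line; return None if it does not match."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def is_vuln_callback(entry: dict) -> bool:
    """True when the request targets admin-ajax.php (at any site prefix) with the
    vulnerable action in the query string. Requests that send `action` only in the
    POST body are not visible in an access log and will not be flagged here."""
    parts = urlsplit(entry["target"])
    if not parts.path.endswith("/wp-admin/admin-ajax.php"):
        return False
    return VULN_ACTION in parse_qs(parts.query).get("action", [])


def analyze(log_text: str, burst_threshold: int = 3) -> dict:
    """Scan log text and summarise callback hits: total, hits with no HTTP-auth user,
    counts per source IP, and IPs at or above the burst threshold."""
    hits = [e for e in map(parse_line, log_text.splitlines()) if e and is_vuln_callback(e)]
    per_ip = Counter(e["ip"] for e in hits)
    return {
        "hits": len(hits),
        # "-" means no basic-auth user was logged; cookie sessions are not visible here.
        "unauthenticated_hits": sum(1 for e in hits if e["user"] == "-"),
        "per_ip": dict(per_ip),
        "burst_ips": sorted(ip for ip, n in per_ip.items() if n >= burst_threshold),
    }


if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    print(f"callback hits: {report['hits']} (no auth user: {report['unauthenticated_hits']})")
    for ip, n in report["per_ip"].items():
        print(f"  {ip}: {n}")
    if report["burst_ips"]:
        print("burst from:", ", ".join(report["burst_ips"]))
```

Point the script at a real access log with `analyze(open(path).read())`; lower `burst_threshold` for low-traffic stores, and correlate any flagged IP against WooCommerce product-creation timestamps to confirm whether unauthorized products were actually created.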