CVE-2025-12500

Published: Feb 19, 2026Modified: Feb 19, 2026

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: security@wordfence.com

Description

The Checkout Field Manager (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to unauthenticated limited file upload in all versions up to, and including, 7.8.1. This is due to the plugin not properly verifying that a user is authorized to perform file upload actions via the "ajax_checkout_attachment_upload" function. This makes it possible for unauthenticated attackers to upload files to the server, though file types are limited to WordPress's default allowed MIME types (images, documents, etc.).

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (5)

https://plugins.trac.wordpress.org/browser/woocommerce-checkout-manager/tags/7.8.0/lib/class-upload.php#L143

Source: security@wordfence.com

https://plugins.trac.wordpress.org/browser/woocommerce-checkout-manager/tags/7.8.0/lib/class-upload.php#L19

Source: security@wordfence.com

https://plugins.trac.wordpress.org/browser/woocommerce-checkout-manager/tags/7.8.0/lib/class-upload.php#L30

Source: security@wordfence.com

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3404371%40woocommerce-checkout-manager&new=3404371%40woocommerce-checkout-manager&sfp_email=&sfph_mail=

Source: security@wordfence.com

https://www.wordfence.com/threat-intel/vulnerabilities/id/e807480b-00c9-4340-bd05-b695b56e27ec?source=cve

Source: security@wordfence.com

Timeline

No history available yet.