CVE-2025-13457

The WooCommerce Square plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.1 via the get_token_by_id function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to expose arbitrary Square "ccof" (credit card on file) values and leverage this value to potentially make fraudulent charges on the target site.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/changeset/3415850/woocommerce-square
https://www.wordfence.com/threat-intel/vulnerabilities/id/c7f4f726-7e53-4397-8d8b-7a574326adc6?source=cve

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) El plugin WooCommerce Square para WordPress es vulnerable a Referencia Directa Insegura a Objeto en todas las versiones hasta e incluyendo la 5.1.1 a través de la función get_token_by_id debido a la falta de validación en una clave controlada por el usuario. Esto hace posible que atacantes no autenticados expongan valores 'ccof' (tarjeta de crédito archivada) arbitrarios de Square y aprovechen este valor para potencialmente realizar cargos fraudulentos en el sitio objetivo.

10 Jan 2026, 04:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-10 04:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-13457

Mitre link : CVE-2025-13457

CVE.ORG link : CVE-2025-13457

JSON object : View

Products Affected

No product.

CWE

CWE-639

Authorization Bypass Through User-Controlled Key

7.5 /10