Critical severity9.8NVD Advisory· Published Sep 11, 2025· Updated Apr 15, 2026
CVE-2025-8570
CVE-2025-8570
Description
The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper JWT secret management and authorization within the determine_current_user filter in versions 1.4.2 through 3.0.1. This makes it possible for unauthenticated attackers to craft valid tokens and assume any user’s identity.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: >=1.4.2, <=3.0.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.