{"vulnerability": "cve-2025-3530", "sightings": [{"uuid": "c216c17c-a481-4699-b44e-3c25153d6048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3530", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnhuhj2qcb2r", "content": "", "creation_timestamp": "2025-04-23T09:20:00.188242Z"}, {"uuid": "529ca6e3-c3b0-47ef-99a9-871437ecf19b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3530", "type": "seen", "source": "https://t.me/cvedetector/23581", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3530 - WordPress Simple Shopping Cart Price Tampering Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3530 \nPublished : April 23, 2025, 8:15 a.m. | 1\u00a0hour, 57\u00a0minutes ago \nDescription : The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price manipulation in all versions up to, and including, 5.1.2. This is due to a logic flaw involving the inconsistent use of parameters during the cart addition process. The plugin uses the parameter 'product_tmp_two' for computing a security hash against price tampering while using 'wspsc_product' to display the product, allowing an unauthenticated attacker to substitute details from a cheaper product and bypass payment for a more expensive item. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-23T12:48:32.000000Z"}]}