Goal Reached Thanks to every supporter β€” we hit 100%!

Goal: 1000 CNY Β· Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-8570 PoC β€” BeyondCart Connector <= 3.0.1 - Missing Configuration of JWT Secret to Unauthenticated Privilege Escalation via determin

Source
https://github.com/chimdi2700/CVE-2025-8570
Associated Vulnerability
Title:BeyondCart Connector <= 3.0.1 - Missing Configuration of JWT Secret to Unauthenticated Privilege Escalation via determine_current_user Filter (CVE-2025-8570)
Description:The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper JWT secret management and authorization within the determine_current_user filter in versions 1.4.2 through 3.0.1. This makes it possible for unauthenticated attackers to craft valid tokens and assume any user’s identity.
Description
BeyondCart Connector <= 2.1.0 - Missing Configuration of JWT Secret to Unauthenticated Privilege Escalation 🚨 BeyondCart Connector <= 2.1.0 - JWT Privilege Escalation (CVE-2025-8570)
File Snapshot

 [4.0K]  /data/pocs/2e7b89e41d021471d7650642b95d630c5f7af3d0

0 directories, 0 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers β€” if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online β€” thank you for the support. View subscription plans β†’