CVE-2025-30618
BaseFortify
Publication date: 2025-06-17
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a PHP Object Injection in the Rapyd Payment Extension for WooCommerce plugin (versions up to 1.2.0). It allows unauthenticated attackers to inject malicious objects during deserialization of untrusted data. This can lead to severe consequences such as remote code execution, SQL injection, path traversal, denial of service, and other attacks if a suitable Property Oriented Programming (POP) chain is available. [1]
How can this vulnerability impact me? :
The vulnerability can have critical impacts including remote code execution, which allows attackers to run arbitrary code on the server; SQL injection, which can compromise the database; path traversal, which can expose or modify files; denial of service, which can disrupt service availability; and potentially other attacks. Because it is unauthenticated and highly severe (CVSS 9.8), it is expected to be widely exploited, putting affected websites at significant risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for signs of PHP Object Injection attacks targeting the Rapyd Payment Extension for WooCommerce plugin versions up to 1.2.0. Since the vulnerability allows unauthenticated remote code execution and other attacks, network intrusion detection systems (IDS) or web application firewalls (WAF) with signatures for PHP Object Injection attempts can help detect exploitation attempts. Additionally, server-side malware scanning is recommended to identify potential compromises. Specific commands are not provided, but professional incident response and server-side malware scanning tools should be used. Plugin-based malware scanners are discouraged as they can be tampered with by malware. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the Rapyd Payment Extension for WooCommerce plugin to version 1.2.1 or later, which contains the fix for this vulnerability. Until the update can be applied, users can apply the virtual patch (vPatch) provided by Patchstack to block attacks. Patchstack also offers automatic mitigation and auto-update options for vulnerable plugins. It is strongly advised to perform timely updates and consider professional incident response and server-side malware scanning if compromise is suspected. [1]