CVE-2025-12039: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in devsmip BigBuy Dropshipping Connector for WooCommerce
The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 2.0.5 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated attackers to retrieve the output of phpinfo().
AI Analysis
Technical Summary
CVE-2025-12039 is a medium severity vulnerability in the BigBuy Dropshipping Connector for WooCommerce plugin caused by insufficient validation of IP addresses. The plugin relies on user-supplied HTTP headers to determine the client's IP address, which can be spoofed by unauthenticated attackers. This flaw enables attackers to retrieve the output of the phpinfo() function, potentially exposing sensitive server configuration details. The vulnerability affects all versions up to and including 2.0.5. No patch or official remediation has been published yet.
Potential Impact
An unauthenticated attacker can exploit this vulnerability to obtain sensitive server information via phpinfo() output. This exposure could aid attackers in further reconnaissance or targeted attacks but does not directly allow code execution or data modification. The impact is limited to information disclosure.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider restricting access to the vulnerable plugin or disabling it if possible to prevent unauthorized information disclosure.
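The root cause described above is a well-known pattern: a client IP derived from request headers the client itself controls, then used to gate a sensitive endpoint. The following is an added example and not code from the BigBuy Dropshipping Connector plugin or the advisory. It contrasts the weak pattern with a proxy-aware one in which REMOTE_ADDR is authoritative and forwarded headers are honoured only when the TCP peer is a proxy the site operates. The header name (X-Forwarded-For), the proxy and allow-list addresses, and the assumption that the diagnostic page is guarded by an IP allow-list are all illustrative; the advisory does not name them.

```php
<?php
// Added example (not from the plugin). Header names, proxy addresses and the
// allow-list below are assumptions made for illustration only.

/**
 * Weak pattern: consults X-Forwarded-For before the socket address.
 * Any client can set this header, so the resulting "client IP" is whatever
 * the requester chose. Gating phpinfo() (or anything else) on it is unsafe.
 */
function weak_client_ip(array $server): string
{
    if (!empty($server['HTTP_X_FORWARDED_FOR'])) {
        $parts = explode(',', $server['HTTP_X_FORWARDED_FOR']);
        return trim($parts[0]);
    }
    return $server['REMOTE_ADDR'] ?? '';
}

/**
 * Hardened pattern: REMOTE_ADDR is authoritative unless the peer is one of
 * our own reverse proxies; even then only the hop that proxy appended is
 * used, and every candidate must pass FILTER_VALIDATE_IP.
 */
function trusted_client_ip(array $server, array $trusted_proxies): string
{
    $remote = $server['REMOTE_ADDR'] ?? '';
    if (filter_var($remote, FILTER_VALIDATE_IP) === false) {
        return ''; // no usable socket address: unknown, never trusted
    }
    if (!in_array($remote, $trusted_proxies, true)) {
        return $remote; // direct connection: forwarded headers are untrusted input
    }
    $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    // Walk from the right: the right-most entry was appended by our proxy;
    // entries to its left arrived from the client and may be forged.
    for ($i = count($hops) - 1; $i >= 0; $i--) {
        if (filter_var($hops[$i], FILTER_VALIDATE_IP) === false) {
            continue;
        }
        if (!in_array($hops[$i], $trusted_proxies, true)) {
            return $hops[$i];
        }
    }
    return $remote;
}

// Constructed request: a direct connection (no proxy in the path) that
// carries a forged forwarded header.
$request = [
    'REMOTE_ADDR'          => '203.0.113.10', // RFC 5737 documentation range
    'HTTP_X_FORWARDED_FOR' => '127.0.0.1',    // value chosen by the requester
];
$trusted_proxies = ['10.0.0.5'];   // assumed address of the site's own reverse proxy
$diag_allow_list = ['127.0.0.1'];  // assumed allow-list guarding the diagnostic page

var_dump(in_array(weak_client_ip($request), $diag_allow_list, true));                     // bool(true): header trusted, gate bypassed
var_dump(in_array(trusted_client_ip($request, $trusted_proxies), $diag_allow_list, true)); // bool(false): socket address used
```

Where WordPress sits behind a known reverse proxy, the same trust decision is better made once at the web server (for example Apache's mod_remoteip or nginx's real_ip module) so that REMOTE_ADDR already reflects the real client and plugins never need to parse forwarded headers themselves. For detection, requests to diagnostic endpoints whose forwarded-for header disagrees with the socket address are a useful thing to log and alert on.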
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-10-21T18:20:51.066Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69202539cf2d47c3899a7b1f
Added to database: 11/21/2025, 8:39:21 AM
Last enriched: 4/9/2026, 8:56:11 PM
Last updated: 5/10/2026, 10:02:04 AM