MEDIUM
Farktor
CVE published 2026-02-12
CVE-2025-13004
CVE-2025-13004 is a MEDIUM-severity authorization bypass vulnerability in Farktor Software's E-Commerce Package, affecting versions through 2025-11-27. The flaw stems from CWE-639 (Authorization Bypass Through User-Controlled Key), enabling authenticated attackers with low privileges to manipulate user-controlled variables and potentially escalate privileges or access unauthorized resources. The CVSS 3.1 [truncated]