CVE-2025-60121

CVE-2025-60121 refers to a Missing Authorization vulnerability in WooEvents (WooCommerce WordPress plugin) affecting versions up to 4.1.7. The Wordfence entry notes the issue with a CVSS v3.1 base score of 5.3 (Medium) and no patch is indicated as available in the provided documents. Exploitation...

WordPress WooEvents Plugin <= 4.1.2 is vulnerable to Arbitrary File Deletion

Software WooEvents Type Plugin Vulnerable versions = 4.1.2 Fixed in 4.1.3 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-8671 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 843e8b0d0dc5 Credits Tonn Required privilege...