CVE-2025-12955
The CVE-2025-12955 issue affects the WordPress plugin Live Sales Notification for WooCommerce (versions up to and including 2.3.39). The root cause is missing authorization and capability checks in the getOrders function when configured to display recent orders, allowing unauthenticated users to ...