4 matches found
CVE-2025-15484
The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, coupons, and customers...
CVE-2025-15484 Order Notification for WooCommerce < 3.6.3 - Unauthenticated WooCommerce REST Permission Bypass
The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, coupons, and customers...
CVE-2025-15484
The vulnerability CVE-2025-15484 affects the Order Notification for WooCommerce WordPress plugin (pre-3.6.3). The plugin overrides WooCommerce permission checks, allowing unauthenticated requests full read/write access to store resources (e.g., products, coupons, customers). This is a direct perm...
CVE-2025-15484 Order Notification for WooCommerce < 3.6.3 - Unauthenticated WooCommerce REST Permission Bypass
The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, coupons, and customers...