Lucene search
K

4 matches found

NVD
NVD
added 2026/04/01 6:16 a.m.6 views

CVE-2025-15484

The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, coupons, and customers...

9.1CVSS0.00237EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/01 6:0 a.m.4 views

CVE-2025-15484 Order Notification for WooCommerce < 3.6.3 - Unauthenticated WooCommerce REST Permission Bypass

The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, coupons, and customers...

5.9AI score0.00237EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 6:0 a.m.19 views

CVE-2025-15484

The CVE-2025-15484 entry concerns the WordPress plugin Order Notification for WooCommerce. Multiple sources confirm that versions prior to 3.6.3 bypass WooCommerce permission checks, allowing unauthenticated requests to perform full read/write operations on store resources (e.g., products, coupon...

9.1CVSS5.9AI score0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/01 6:0 a.m.33 views

CVE-2025-15484 Order Notification for WooCommerce < 3.6.3 - Unauthenticated WooCommerce REST Permission Bypass

The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, coupons, and customers...

0.00237EPSS
Exploits0References1
Rows per page
Query Builder