CVE-2025-24633
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Jan 24, 2025
CWE ID 862
Summary
CVE-2025-24633 is a Missing Authorization vulnerability that affects the Build Private Store For Woocommerce plugin from version n/a through 1.0. This issue allows unauthorized access to functionality, enabling attackers to exploit incorrectly configured access control security levels. The vulnerability can potentially lead to significant data breaches or site takeover if left unaddressed. Users of the Build Private Store For Woocommerce plugin are strongly advised to update to the latest patched version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share