CVE-2025-32226

Summary

CVE-2025-32226 is a Missing Authorization vulnerability affecting the Anzar Ahmed Display product variations dropdown on shop pages. Malicious actors can exploit this issue by taking advantage of incorrectly configured access control security levels, gaining unauthorized access to the system. This vulnerability impacts Display product variations dropdown versions from n/a to 1.1.3. Successful exploitation may lead to various unintended actions and potential data breaches. System administrators are strongly advised to update the product to a secure version and implement appropriate access control measures to mitigate risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.