Vulnerability in Order Notification For Woocommerce
CVE-2025-15484
The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, cou…
EPSS: 0.000 (13.4th percentile) — read the EPSS interpretation.
Affected products
- Unknown Order Notification For Woocommerce — versions 0
References
- wpscan.com/vulnerability/ee9f1c0c-86bb-4922-9eb5-8aae78003eff/ (exploit, vdb-entry, technical-description)