CVE-2025-5813 – Amazon Products to WooCommerce Plugin Unauthenticated Product Creation Vulnerability

June 26, 2025

CVE ID : CVE-2025-5813

Published : June 26, 2025, 3:15 a.m. | 1 hour, 52 minutes ago

Description : The Amazon Products to WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcta2w_get_amazon_product_callback() function in all versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to create new produces.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5929 – WordPress Countdown Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-5275 – WordPress Charitable Donation Plugin Stored Cross-Site Scripting

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

The next big HDMI leap has arrived – here’s how these 16K cables will shake things up

Here’s how you can still trade in any phone at Verizon to get an iPhone, iPad, and Apple Watch free

Anthropic has a plan to combat AI-triggered job losses predicted by its CEO

Forget Google and Microsoft: OpenAI may be building the ultimate work suite of apps and services

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Fix Elden Ring Nightreign Connection Errors And Server Login Failure PC

Fix Elden Ring Nightreign Connection Errors And Server Login Failure PC

Fix Now EAC Error 20006 in Elden Ring: Nightreign [6 Easy Tricks]

Fix Now Elden Ring Nightreign EAC Error 30005 (CreateFile Failed)

CVE-2025-5813 – Amazon Products to WooCommerce Plugin Unauthenticated Product Creation Vulnerability

CVE-2025-53097 – Roo Code Schema Fetching File Read and Write Vulnerability

CVE-2025-53098 – Roo Code MCP Configuration Command Injection Vulnerability

Every Xbox and PC game announced during Summer Game Fest and the Xbox Games Showcase in 2025

CVE-2025-52574 – SysmonElixir File Reading Arbitrary File Disclosure

CVE-2025-47893 – Apache HTTP Server Cross-Site Request Forgery

Unlock opportunities and showcase your skills with a Webflow Expert badge

CVE-2025-1330 – IBM CICS TX DNS Code Injection

CVE-2025-48207 – TYPO3 Reint Download Manager Insecure Direct Object Reference (IDOR)

Even though Xbox is losing the console war, ironically, it is the console war that makes it superior, gamers agree

CVE-2025-3438 – WordPress WCFM Marketplace MStore API Privilege Escalation

CVE-2025-5813 – Amazon Products to WooCommerce Plugin Unauthenticated Product Creation Vulnerability

Related Posts