CVE-2025-5813 – Amazon Products to WooCommerce Plugin Unauthenticated Product Creation Vulnerability

June 26, 2025

CVE ID : CVE-2025-5813

Published : June 26, 2025, 3:15 a.m. | 1 hour, 52 minutes ago

Description : The Amazon Products to WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcta2w_get_amazon_product_callback() function in all versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to create new produces.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5929 – WordPress Countdown Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-5275 – WordPress Charitable Donation Plugin Stored Cross-Site Scripting

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2025-5813 – Amazon Products to WooCommerce Plugin Unauthenticated Product Creation Vulnerability

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

CVE-2025-7814 – Food Ordering Review System SQL Injection Vulnerability

Rilasciata FunOS 25.04: la Distribuzione GNU/Linux Leggera e Moderna Basata su Ubuntu 25.04

Move over ChatGPT: This tiny voice recorder is my new favorite AI assistant. Here’s why

VersaTiles – generate, process, store, serve, and render map tiles

CVE-2025-28036 – TOTOLINK A950RG Remote Command Execution Vulnerability

Is DeepSeek AI a “profound threat” to U.S. national security? A report suggests the Chinese startup unlawfully stole OpenAI’s data, too.

CVE-2025-46191 – SourceCodester Client Database Management System Remote Code Execution Vulnerability

CVE-2025-35978 – UpdateNavi UpdateNaviInstallService Remote Code Execution

CVE-2025-5813 – Amazon Products to WooCommerce Plugin Unauthenticated Product Creation Vulnerability

Related Posts