CVE-2025-15033 | Automattic WoooCommerce Plugin up to 10.4.2 on WordPress Configuration authorization

A vulnerability was found in Automattic WoooCommerce Plugin on WordPress and classified as problematic. This affects an unknown part of the component Configuration Handler. Executing manipulation can lead to authorization bypass.

This vulnerability appears as CVE-2025-15033. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More