CVE-2025-12820
Pure WC Variation Swatches <= 1.1.7 - Unauthenticated Settings Update
The Pure WC Variation Swatches WordPress plugin through 1.1.7 does not have an authorization check when updating its settings, which could allow any authenticated users to update them.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected products
Unknown · Pure WC Variation SwatchesWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →