CVE-2025-12955 | delabon Live Sales Notification for Woocommerce Plugin up to 2.3.39 on WordPress Customer Information getOrders authorization

Inserito da Angelo Barbosa | Nov 18, 2025 | CVE

A vulnerability, which was classified as problematic, was found in delabon Live Sales Notification for Woocommerce Plugin up to 2.3.39 on WordPress. This issue affects the function getOrders of the component Customer Information Handler. The manipulation results in missing authorization.

This vulnerability is cataloged as CVE-2025-12955. The attack may be launched remotely. There is no exploit available.

CVE-2025-12955 | delabon Live Sales Notification for Woocommerce Plugin up to 2.3.39 on WordPress Customer Information getOrders authorization

Post correlati

CVE-2023-48848 | ureport 2.2.9 Path path traversal

CVE-2024-6585 | Lightdash 0.510.3/0.1027.2 cross site scripting (GHSA-6529-6jv3-66q2)

CVE-2022-49145 | Linux Kernel up to 5.17.1 out-of-bounds

CVE-2024-27985 | PropertyHive Plugin up to 2.0.9 on WordPress deserialization