CVE-2025-13389 | Admin and Customer Messages after Order for WooCommerce Plugin get_order_by_id authorization

Inserito da Angelo Barbosa | Nov 25, 2025 | CVE

A vulnerability was found in Admin and Customer Messages after Order for WooCommerce Plugin on WordPress. It has been declared as problematic. This issue affects the function get_order_by_id. Such manipulation leads to missing authorization.

This vulnerability is listed as CVE-2025-13389. The attack may be performed from remote. There is no available exploit.

CVE-2025-13389 | Admin and Customer Messages after Order for WooCommerce Plugin get_order_by_id authorization

Post correlati

CVE-2025-52576 | kanboard up to 1.2.45 information exposure

CVE-2024-25199 | Open Robotics ROS2/Nav2 amcl_node.cpp map_sub_/map_free_map use after free

CVE-2025-24402 | Azure Service Fabric Plugin up to 1.6 on Jenkins cross-site request forgery

CVE-2024-10176 | Compact WP Audio Player Plugin up to 1.9.13 on WordPress Shortcode sc_embed_player cross site scripting