CVE-2025-23991

Vulnerability

The Product Size Charts Plugin for WooCommerce (woo-advanced-product-size-chart) versions up to and including 2.4.5 contain a missing authorization vulnerability in the REST API. The plugin does not properly verify user permissions for certain API routes, allowing unauthorized access to size chart data. The issue affects all installations using the plugin versions from n/a through 2.4.5 [1].

Exploitation

An unauthenticated attacker can exploit this by sending crafted HTTP requests to the vulnerable REST API endpoints. No authentication or special privileges are required. The plugin's REST API endpoints that handle size chart data lack proper capability checks, enabling direct access to protected resources [1].

Impact

Successful exploitation allows an attacker to read, modify, or delete size chart data without proper authorization. This could lead to unauthorized disclosure of potentially sensitive configuration data, manipulation of product size information, or disruption of the store's size chart functionality. The vulnerability is classified as medium severity with a CVSS v3 score of 4.3 [1].

Mitigation

The vendor has released version 2.4.8 which addresses this vulnerability. Users should update to version 2.4.8 or later. No workaround is available for unpatched versions [1]. The plugin is currently tested up to WordPress 6.9.4 [1].