VYPR

Amazon Products to WooCommerce

by WordPress

CVEs (2)

  • CVE-2025-5817HigJul 2, 2025
    risk 0.47cvss 7.2epss 0.00

    The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.7 via the wcta2w_get_urls(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations…

  • CVE-2025-5813MedJun 26, 2025
    risk 0.34cvss 5.3epss 0.00

    The Amazon Products to WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcta2w_get_amazon_product_callback() function in all versions up to, and including, 1.2.7. This makes it possible for…