CVE-2025-31843

MEDIUM

Published April 1, 2025

Missing Authorization vulnerability in Wilson OpenAI Tools for WordPress & WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OpenAI Tools for...

Full analysis pending. Showing NVD description excerpt.

Severity & Risk

CVSS 3.1

4.3 / 10

EPSS

N/A

KEV Status

Not in KEV

Sophistication

N/A

Recommended Action

No patch available

Monitor for updates. Consider compensating controls or temporary mitigations.

Compliance Impact

Compliance analysis pending. Sign in for full compliance mapping when available.

Technical Details

NVD Description

Missing Authorization vulnerability in Wilson OpenAI Tools for WordPress & WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OpenAI Tools for WordPress & WooCommerce: from n/a through 2.1.5.

Weaknesses (CWE)

CWE-862

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

References

patchstack.com/database/wordpress/plugin/openai-tools-for-wp-wc/vulnerability/wordpress-openai-tools-for-wordpress-woocommerce-plugin-2-1-5-broken-access-control-vulnerability

Timeline

Published

April 1, 2025

Last Modified

April 1, 2025

First Seen

April 1, 2025

Back to Threat Feed