WordPress · Product Options/Price Calculation Formulas For Woocommerce – Uni Cpo · CVE-2025-13391
**Name of the Vulnerable Software and Affected Versions**
Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) versions through 4.9.60
**Description**
The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) plugin for WordPress has a flaw that could allow unauthorized data loss. A missing capability check within the `uni cpo remove file` function permits unauthenticated attackers to delete arbitrary attachments or files stored in Dropbox, provided the file path is known.
**Recommendations**
Update to a version beyond 4.9.60.