PT-2025-44598 · Unknown+1 · Woocommerce+1
Published
2025-10-31
·
Updated
2025-10-31
·
CVE-2025-12115
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
WPC Name Your Price for WooCommerce plugin for WordPress versions up to and including 2.1.9
Description
The WPC Name Your Price for WooCommerce plugin for WordPress is susceptible to unauthorized price alteration. This occurs because the plugin does not prevent users from entering a custom price even when this feature is disabled for a specific product. This allows unauthenticated attackers to purchase products at reduced prices.
Recommendations
Update the WPC Name Your Price for WooCommerce plugin to a version later than 2.1.9.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wpc Name Your Price For Woocommerce
Woocommerce