CVE-2025-23527

Name of the Vulnerable Software and Affected Versions WC Wallet versions n/a through 2.2.0

Description The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by Access Control Lists (ACLs). ACLs are used to define permissions for accessing certain resources or functionalities. In this context, the lack of proper constraints means that unauthorized access to certain functions is possible.

Recommendations For WC Wallet versions n/a through 2.2.0, consider restricting access to sensitive functionalities until a proper fix is implemented to ensure that ACLs are correctly applied to constrain access. As a temporary workaround, review and manually enforce access controls to minimize the risk of unauthorized access.