Missing Authorization Vulnerability in Authorize.Net CIM Payment Gateway for WooCommerce
CVE-2025-68013
6.5MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 22 January 2026
What is CVE-2025-68013?
A critical security flaw has been identified in the Authorize.Net CIM payment gateway plugin for WooCommerce. This missing authorization vulnerability allows unauthorized access due to improperly configured access control security levels. If exploited, this could enable potential attackers to bypass security measures, affecting the integrity of transactions. Users are encouraged to update to the latest version to mitigate this risk.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Payment Gateway Authorize.Net CIM for WooCommerce <= n/a
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
0xd4rk5id3 | Patchstack Bug Bounty Program