Missing Authorization Vulnerability in WooCommerce File Uploads Addon by Imaginate Solutions
CVE-2026-24625
5.3MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 23 January 2026
What is CVE-2026-24625?
A missing authorization vulnerability in the Imaginate Solutions File Uploads Addon for WooCommerce exposes users to potential security risks. This issue arises from incorrectly configured access control security levels in versions up to 1.7.3, which may allow unauthorized access and actions within the WooCommerce platform. Properly managing access controls is crucial for maintaining the integrity and security of file uploads in e-commerce operations.
Affected Version(s)
File Uploads Addon for WooCommerce 0 <= 1.7.3