CVE-2025-31802

Missing Authorization vulnerability in Shiptimize Shiptimize for WooCommerce shiptimize-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiptimize for WooCommerce: from n/a through <= 3.1.86.

CVSS

No CVSS.

References

Link	Resource
https://patchstack.com/database/Wordpress/Plugin/shiptimize-for-woocommerce/vulnerability/wordpress-shiptimize-for-woocommerce-plugin-3-1-86-settings-change-vulnerability?_s_id=cve

Configurations

No configuration.

History

01 Apr 2026, 17:21

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de falta de autorización en Shiptimize Shiptimize for WooCommerce permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Shiptimize para WooCommerce desde la versión n/d hasta la 3.1.86.
Summary	(en) Missing Authorization vulnerability in Shiptimize Shiptimize for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shiptimize for WooCommerce: from n/a through 3.1.86.	(en) Missing Authorization vulnerability in Shiptimize Shiptimize for WooCommerce shiptimize-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiptimize for WooCommerce: from n/a through <= 3.1.86.
References	{'url': 'https://patchstack.com/database/wordpress/plugin/shiptimize-for-woocommerce/vulnerability/wordpress-shiptimize-for-woocommerce-plugin-3-1-86-settings-change-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}	() https://patchstack.com/database/Wordpress/Plugin/shiptimize-for-woocommerce/vulnerability/wordpress-shiptimize-for-woocommerce-plugin-3-1-86-settings-change-vulnerability?_s_id=cve -
CVSS	v2 : ~~unknown~~ v3 : ~~5.4~~	v2 : unknown v3 : unknown

01 Apr 2025, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-01 15:16

Updated : 2026-04-15 00:35

NVD link : CVE-2025-31802

Mitre link : CVE-2025-31802

CVE.ORG link : CVE-2025-31802

JSON object : View

Products Affected

No product.

CWE

CWE-862

Missing Authorization

JSON object

Attach tags to CVE-2025-31802

Attach tags to `CVE-2025-31802`