{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T06:19:54.406","vulnerabilities":[{"cve":{"id":"CVE-2025-32226","sourceIdentifier":"audit@patchstack.com","published":"2025-04-04T16:15:31.863","lastModified":"2026-04-23T15:28:47.480","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authorization vulnerability in Anzar Ahmed Display product variations dropdown on shop page display-product-variations-dropdown-on-shop-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display product variations dropdown on shop page: from n/a through <= 1.1.3."},{"lang":"es","value":"La vulnerabilidad de falta de autorización en Anzar Ahmed Display product variations dropdown on shop page permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al menú desplegable de variaciones de producto de Anzar Ahmed en la página de la tienda: desde n/d hasta la versión 1.1.3."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/display-product-variations-dropdown-on-shop-page/vulnerability/wordpress-display-product-variations-dropdown-on-shop-page-plugin-1-1-3-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}