This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| AA-Team | Woocommerce Envato Affiliates | unaffected |
|
No data.
No data.
No data available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 26 May 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1. | |
| Title | WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerability | |
| Weaknesses | CWE-862 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-05-26T20:58:17.950Z
Reserved: 2025-12-09T16:47:38.939Z
Link: CVE-2025-14361
Vulnrichment
No data.
NVD
Status : Received
Published: 2026-05-26T21:16:35.313
Modified: 2026-05-26T21:16:35.313
Link: CVE-2025-14361
Redhat
No data.
OpenCVE Enrichment
No data.