{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-30993", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-03-26T09:22:48.161Z", "datePublished": "2025-08-14T10:34:29.320Z", "dateUpdated": "2025-08-14T19:42:11.673Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2025-08-14T10:34:29.320Z"}, "title": "WordPress Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales <= 1.1.7 - Broken Access Control Vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"}]}], "affected": [{"vendor": "VillaTheme", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "woo-thank-you-page-customizer", "product": "Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales", "versions": [{"lessThanOrEqual": "1.1.7", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales: from n/a through 1.1.7.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales allows Exploiting Incorrectly Configured Access Control Security Levels.</p><p>This issue affects Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales: from n/a through 1.1.7.</p>"}]}], "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/wordpress/plugin/woo-thank-you-page-customizer/vulnerability/wordpress-thank-you-page-customizer-for-woocommerce-increase-your-sales-1-1-7-broken-access-control-vulnerability?_s_id=cve"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseSeverity": "MEDIUM", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "version": "3.1"}}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "ch4r0n (Patchstack Alliance)"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-14T19:42:01.228282Z", "id": "CVE-2025-30993", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-14T19:42:11.673Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-30993", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-14T19:42:01.228282Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-14T19:42:08.437Z"}}], "cna": {"title": "WordPress Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales <= 1.1.7 - Broken Access Control Vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "ch4r0n (Patchstack Alliance)"}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "VillaTheme", "product": "Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales", "versions": [{"status": "affected", "version": "n/a", "versionType": "custom", "lessThanOrEqual": "1.1.7"}], "packageName": "woo-thank-you-page-customizer", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "references": [{"url": "https://patchstack.com/database/wordpress/plugin/woo-thank-you-page-customizer/vulnerability/wordpress-thank-you-page-customizer-for-woocommerce-increase-your-sales-1-1-7-broken-access-control-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales: from n/a through 1.1.7.", "supportingMedia": [{"type": "text/html", "value": "<p>Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales allows Exploiting Incorrectly Configured Access Control Security Levels.</p><p>This issue affects Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales: from n/a through 1.1.7.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2025-08-14T10:34:29.320Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30993", "state": "PUBLISHED", "dateUpdated": "2025-08-14T19:42:11.673Z", "dateReserved": "2025-03-26T09:22:48.161Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2025-08-14T10:34:29.320Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales: from n/a through 1.1.7."}, {"lang": "es", "value": "La vulnerabilidad de falta de autorizaci\u00f3n en el VillaTheme Thank You Page Customizer para WooCommerce \u2013 Increase Your Sales permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a VillaTheme Thank You Page Customizer for WooCommerce \u2013 Increase Your Sales: desde n/d hasta la versi\u00f3n 1.1.7."}], "id": "CVE-2025-30993", "lastModified": "2025-08-14T13:11:53.633", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2025-08-14T11:15:32.963", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/wordpress/plugin/woo-thank-you-page-customizer/vulnerability/wordpress-thank-you-page-customizer-for-woocommerce-increase-your-sales-1-1-7-broken-access-control-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "audit@patchstack.com", "type": "Primary"}]}

{}

{"created": "2025-08-16T21:41:26.454312+00:00", "updated": "2025-08-16T21:41:26.454361+00:00", "vendors": ["villatheme", "villatheme$PRODUCT$thank_you_page_customizer_for_woocommerce", "villatheme$PRODUCT$woocommerce_thank_you_page_customizer", "woocommerce", "woocommerce$PRODUCT$woocommerce", "wordpress", "wordpress$PRODUCT$wordpress"]}