CVE-2025-11237
11.11.2025, 06:15
The Make Email Customizer for WooCommerce WordPress plugin through 1.0.6 lacks proper authorization checks and option validation in its AJAX actions, allowing any authenticated user, such as a Subscriber, to update arbitrary WordPress options.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.