Mykola Lukin Orders Chat for WooCommerce Missing Authorization Vulnerability

Vulnerability

A missing authorization vulnerability has been identified in the Mykola Lukin Orders Chat for WooCommerce plugin, specifically in versions through 1.2.0. This vulnerability arises from incorrectly configured access control security levels, allowing unauthorized exploitation.

Impact

Exploitation of this vulnerability could lead to unauthorized access or actions within the affected WooCommerce site, potentially allowing users to manipulate orders or chat functionalities without proper permissions.

Added: Dec 31, 2025, 4:27 PM

Updated: Dec 31, 2025, 9:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.6

remediation

0.0

relevance

1.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.6

remediation

0.0

relevance

1.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mykola Lukin Orders Chat for WooCommerce Missing Authorization Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating