CVE-2023-40327 MEDIUM

CVE-2023-40327: WordPress Putler Connector for WooCommerce plugin <= 2.12.0 - Unauthenticated Broken Access Control vulnerability

Vendor Putler / Storeapps
Product Putler Connector for WooCommerce
Weakness CWE-862 · Missing authorization
Published January 2, 2025
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

Missing Authorization vulnerability in Putler / Storeapps Putler Connector for WooCommerce.This issue affects Putler Connector for WooCommerce: from n/a through 2.12.0.

Key dates

02Disclosure timeline

January 2, 2025 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-62977 WordPress 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin <= 2.1.4 - Broken Access Control vulnerability CVE-2025-12675 KiotViet Sync <= 1.8.5 - Missing Authorization to Authenticated (Subscriber+) Settings Update CVE-2025-30828 WordPress Timetics plugin <= 1.0.29 - Broken Access Control vulnerability CVE-2023-1023 WP Meta SEO <= 4.5.3 - Missing Authorization in 'saveSitemapSettings' CVE-2022-1020 Woo Product Table < 3.1.2 - Unauthenticated Arbitrary Function Call