Vulnerabilities and security researches forpure-wc-variations-swatches pure-wc-variations-swatches

Jan 11, 2026

CVE, Research URL: CVE-2025-12820
Home page URL: Security reports for Pure WC Variation Swatches
Application: Pure WC Variation Swatches
Date: Dec 20, 2025
Research Description: The Pure WC Variation Swatches WordPress plugin through 1.1.7 does not have an authorization check when updating its settings, which could allow any authenticated users to update them.
Affected versions: max 1.1.7.
Status: vulnerable