CVE-2025-49320 | WordPress FraudLabs Pro for WooCommerce plugin <= 2.22.11 - Broken Access Control Vulnerability
Missing Authorization vulnerability in fraudlabspro FraudLabs Pro for WooCommerce fraudlabs-pro-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FraudLabs Pro for WooCommerce: from n/a through <= 2.22.11.
Conclusion & alert: CVE-2025-49320 is rated Low Risk (37.3/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.23%).Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2025-49320
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).