CVE-2025-47563 Information

Description

Missing Authorization vulnerability in villatheme CURCY allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CURCY: from n/a through 2.3.7.

Reference

https://patchstack.com/database/wordpress/plugin/woocommerce-multi-currency/vulnerability/wordpress-curcy-plugin-2-3-7-arbitrary-shortcode-execution-vulnerability?_s_id=cve