CVE-2025-24603

MEDIUM 4.3

WordPress Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce plugin <= 3.4.10 - Broken Access Control vulnerability

CVSS Score

4.3

EPSS Score

0.2%

EPSS Percentile

43th

Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") Print Barcode Labels for your WooCommerce products/orders a4-barcode-generator.This issue affects Print Barcode Labels for your WooCommerce products/orders: from n/a through <= 3.4.10.

CWE	CWE-862
Vendor	dmitry v. (ceo of "ukr solution")
Product	print barcode labels for your woocommerce products/orders
Published	Jan 27, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for dmitry v. (ceo of "ukr solution") print barcode labels for your woocommerce products/orders

Be the first to know when new medium vulnerabilities affecting dmitry v. (ceo of "ukr solution") print barcode labels for your woocommerce products/orders are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Affected Versions

Dmitry V. (CEO of "UKR Solution") / Print Barcode Labels for your WooCommerce products/orders

0 ≤ 3.4.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/a4-barcode-generator/vulnerability/wordpress-print-labels-with-barcodes-create-price-tags-product-labels-order-labels-for-woocommerce-plugin-3-4-10-broken-access-control-vulnerability?_s_id=cve

Credits

Trương Hữu Phúc (truonghuuphuc) | Patchstack Bug Bounty Program