{"id":72333,"date":"2025-10-25T09:45:35","date_gmt":"2025-10-25T06:15:35","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-11888-shopengine-elementor-woocommerce-builder-addon-all-in-one-woocommerce-solution\/"},"modified":"2025-10-25T09:45:35","modified_gmt":"2025-10-25T06:15:35","slug":"cve-2025-11888-shopengine-elementor-woocommerce-builder-addon-all-in-one-woocommerce-solution","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-11888-shopengine-elementor-woocommerce-builder-addon-all-in-one-woocommerce-solution\/","title":{"rendered":"CVE-2025-11888 &#8211; ShopEngine Elementor WooCommerce Builder Addon \u2013 All in One WooCommerce Solution"},"content":{"rendered":"<p>CVE ID : CVE-2025-11888<\/p>\n<p>Published :  Oct. 25, 2025, 6:15 a.m. | 28\u00a0minutes ago<\/p>\n<p>Description : The ShopEngine Elementor WooCommerce Builder Addon \u2013 All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the post_deactive() function and post_activate() function in all versions up to, and including, 4.8.4. This makes it possible for authenticated attackers, with Editor-level access and above, to activate and deactivate licenses.<\/p>\n<p>Severity: 2.7 | LOW<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-11888 Published : Oct. 25, 2025, 6:15 a.m. | 28\u00a0minutes ago Description : The ShopEngine Elementor WooCommerce Builder Addon \u2013 All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the post_deactive() function and post_activate() function in all versions up &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-72333","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72333","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=72333"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72333\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=72333"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=72333"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=72333"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}