CVE-2025-31843: Missing Authorization vulnerability in Wilson OpenAI Tools for WordPress & WooCommerce allows Exploiting Incorrectly Con
mediumvulnerability
security
Summary
CVE-2025-31843 is a missing authorization vulnerability (a security flaw where the software fails to properly check if a user has permission to perform an action) in the Wilson OpenAI Tools plugin for WordPress and WooCommerce that affects versions up to 2.1.5. The vulnerability allows attackers to exploit incorrectly configured access controls, meaning they can perform actions they shouldn't be allowed to do.
Vulnerability Details
CVSS Score
4.3(medium)
EPSS (30-day exploit probability)
EPSS: 0.2%
Classification
Attack Type
Other
Attack SophisticationTrivial
Impact (CIA+S)
confidentialityintegrity
Affected Vendors
OpenAI
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-31843
First tracked: February 15, 2026 at 08:49 PM
Classified by LLM (prompt v3) · confidence: 75%