This vulnerability (CWE-862) in WooCommerce Multilingual & Multicurrency involves missing authorization checks, allowing users with some level of privilege to execute actions beyond their intended permissions. The affected versions include all versions up to 5.3.4. The CVSS 3.1 base score is 5.4, indicating a medium severity with network attack vector, low attack complexity, requiring privileges, no user interaction, unchanged scope, no confidentiality impact, but integrity and availability impacts. No vendor advisory or patch information is currently available.

Successful exploitation could lead to unauthorized modification or disruption of the affected system's functionality, impacting integrity and availability. Confidentiality is not affected. The vulnerability requires an attacker to have some level of privileges on the system.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict user privileges to the minimum necessary and monitor for unusual activity related to WooCommerce Multilingual & Multicurrency plugin usage.