The Bytes Technolab Add Product Frontend for WooCommerce plugin suffers from a Missing Authorization vulnerability that affects versions up to 1.0.8. This vulnerability arises from improperly configured access controls, allowing attackers without privileges to perform actions that should require authorization. The CVSS 3.1 base score is 8.2, reflecting network attack vector, low attack complexity, no privileges required, no user interaction, unchanged scope, no confidentiality impact, limited integrity impact, and high availability impact. No patch or official fix has been documented yet.

Exploitation of this vulnerability can lead to unauthorized modification of product data within the WooCommerce environment, potentially disrupting availability or integrity of the e-commerce platform's product listings. There is no indication of confidentiality impact. The high CVSS score reflects the potential for significant disruption due to lack of authorization controls.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict access to the affected plugin functionality to trusted users only and monitor for suspicious activity related to product modifications. Avoid exposing the vulnerable plugin interface to untrusted users.