The Barcode Generator for WooCommerce plugin suffers from a Missing Authorization vulnerability that allows unauthorized access due to improperly configured access control. This affects all versions up to 2.0.4. The vulnerability has a CVSS 3.1 score of 7.5, indicating a high severity with network attack vector, low attack complexity, no privileges required, no user interaction, and an impact limited to availability. No vendor advisory or patch information is currently provided, and no known exploits are reported in the wild.

The vulnerability can be exploited remotely without authentication or user interaction, potentially causing denial of service (availability impact) to the affected WooCommerce plugin functionality. There is no evidence of confidentiality or integrity impacts. No known active exploitation has been reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider restricting access to the plugin's functionality or disabling it if feasible to reduce exposure. Monitor for updates from the vendor or trusted security sources regarding patches or mitigations.