The vulnerability identified as CVE-2025-67969 affects the knitpay UPI QR Code Payment Gateway for WooCommerce plugin, specifically versions up to 1.5.1. It is caused by missing authorization checks, leading to incorrect access control configurations. This can allow an attacker to access certain functionalities or data without proper permissions. The CVSS 3.1 base score is 6.5, with attack vector network, low attack complexity, no privileges required, no user interaction, unchanged scope, limited confidentiality impact, no integrity impact, and low availability impact. No patch or official remediation information is provided in the available data.

The vulnerability can lead to unauthorized access to parts of the payment gateway functionality or data, potentially exposing limited confidential information and causing partial disruption of service. There is no indication of integrity compromise. The impact is rated medium severity based on the CVSS score of 6.5. No known exploitation in the wild has been reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no patch or official fix information is provided, users should monitor vendor communications for updates. Until a fix is available, consider restricting access to the affected plugin's functionalities or disabling the plugin if feasible to reduce exposure.