cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forinstantio instantio

Direction: ascending
Jun 07, 2024

Instantio – WooCommerce Quick Checkout | Instant Checkout, Side Cart & Popup Cart # 6646083b6e5336625de5d634435ea4e0ab434700

CVE, Research URL

6646083b6e5336625de5d634435ea4e0ab434700

Home page URL

Security reports for Instantio – WooCommerce Quick Checkout | Instant Checkout, Side Cart & Popup Cart

Application

Instantio – WooCommerce Quick Checkout | Instant Checkout, Side Cart & Popup Cart

Date
Jun 30, 2021
Research Description
Instantio &#8211; WooCommerce Quick Checkout | Direct Checkout, Floating Cart, Side Cart &amp; Popup Cart [instantio] < 1.2.6 Instantio – WooCommerce Quick Checkout | Instant Checkout, Side Cart & Popup Cart <= 1.2.5 - Cross Site Request Forgery The Instantio – WooCommerce Quick Checkout | Instant Checkout, Side Cart & Popup Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the instantio_lite_ajax_quickview_variable_products function. This makes it possible for unauthenticated attackers to add products to a cart via a forged request granted they can trick a site user into performing an action such as clicking on a link.
Affected versions
Min -, max -.
Status
vulnerable
Apr 20, 2025

Instantio &#8211; WooCommerce Quick Checkout | Instant Checkout, Side Cart &amp; Popup Cart # CVE-2025-24581

CVE, Research URL

CVE-2025-24581

Home page URL

Security reports for Instantio &#8211; WooCommerce Quick Checkout | Instant Checkout, Side Cart &amp; Popup Cart

Application

Instantio &#8211; WooCommerce Quick Checkout | Instant Checkout, Side Cart &amp; Popup Cart

Date
Apr 17, 2025
Research Description
Missing Authorization vulnerability in Themefic Instantio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Instantio: from n/a through 3.3.7.
Affected versions
Min -, max -.
Status
vulnerable
May 09, 2025

Instantio &#8211; WooCommerce Quick Checkout | Instant Checkout, Side Cart &amp; Popup Cart # CVE-2025-47550

CVE, Research URL

CVE-2025-47550

Home page URL

Security reports for Instantio &#8211; WooCommerce Quick Checkout | Instant Checkout, Side Cart &amp; Popup Cart

Application

Instantio &#8211; WooCommerce Quick Checkout | Instant Checkout, Side Cart &amp; Popup Cart

Date
May 07, 2025
Research Description
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio allows Upload a Web Shell to a Web Server. This issue affects Instantio: from n/a through 3.3.16.
Affected versions
Min -, max -.
Status
vulnerable