cleantalk
Vulnerabilities and Security Researches

YITH PayPal Express Checkout for WooCommerce, CVE-2025-48111

CVE, Research URL

CVE-2025-48111

Home page URL

Security reports for YITH PayPal Express Checkout for WooCommerce

Application

YITH PayPal Express Checkout for WooCommerce

Published on
Jun 17, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES YITH PayPal Express Checkout for WooCommerce allows Cross Site Request Forgery. This issue affects YITH PayPal Express Checkout for WooCommerce: from n/a through 1.49.0.
Affected versions
Min -, max 1.49.1.
Status
vulnerable
Previous vulnerability researches
Ivory Search – WordPress Search Plugin (CVE-2022-4974) , Nov 15, 2024
Ivory Search – WordPress Search Plugin (CVE-2021-36869) , Jun 06, 2024
Ivory Search – WordPress Search Plugin (CVE-2021-24234) , Jun 06, 2024
Ivory Search – WordPress Search Plugin (CVE-2024-3233) , Jun 06, 2024
Ivory Search – WordPress Search Plugin (CVE-2021-25105) , Jun 06, 2024
New vulnerability
Table of Contents Plus , Jun 19, 2025
WP Employee Attendance System (CVE-2025-28972) , Jun 18, 2025
Wise Chat (CVE-2025-3774) , Jun 18, 2025
WPAdverts – Classifieds Plugin (CVE-2025-49878) , Jun 18, 2025
Brid Video Easy Publish (CVE-2025-5237) , Jun 18, 2025