cleantalk
Vulnerabilities and Security Researches

YITH PayPal Express Checkout for WooCommerce, CVE-2025-48111

CVE, Research URL

CVE-2025-48111

Home page URL

Security reports for YITH PayPal Express Checkout for WooCommerce

Application

YITH PayPal Express Checkout for WooCommerce

Published on
Jun 17, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES YITH PayPal Express Checkout for WooCommerce allows Cross Site Request Forgery. This issue affects YITH PayPal Express Checkout for WooCommerce: from n/a through 1.49.0.
Affected versions
Min -, max 1.49.1.
Status
vulnerable
Previous vulnerability researches
Astra Widgets (CVE-2024-56274) , Jan 07, 2025
Astra Widgets , Jul 24, 2024
Astra Widgets (CVE-2024-50439) , Oct 27, 2024
New vulnerability
Table of Contents Plus , Jun 19, 2025
WP Employee Attendance System (CVE-2025-28972) , Jun 18, 2025
Wise Chat (CVE-2025-3774) , Jun 18, 2025
WPAdverts – Classifieds Plugin (CVE-2025-49878) , Jun 18, 2025
Brid Video Easy Publish (CVE-2025-5237) , Jun 18, 2025