cleantalk
Vulnerabilities and Security Researches

SpecFit-Virtual Try On Woocommerce, CVE-2025-23973

CVE, Research URL

CVE-2025-23973

Home page URL

Security reports for SpecFit-Virtual Try On Woocommerce

Application

SpecFit-Virtual Try On Woocommerce

Published on
Jun 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dugudlabs SpecFit-Virtual Try On Woocommerce allows Stored XSS. This issue affects SpecFit-Virtual Try On Woocommerce: from n/a through 7.0.6.
Affected versions
Min -, max 7.0.5.
Status
vulnerable
Previous vulnerability researches
Autopost for X (formerly Autoshare for Twitter) (CVE-2022-38900) , Jun 06, 2024
Autopost for X (formerly Autoshare for Twitter) (CVE-2022-25912) , Jun 06, 2024
Autopost for X (formerly Autoshare for Twitter) (CVE-2022-25858) , Jun 06, 2024
New vulnerability
Backwp (CVE-2025-28956) , Jul 02, 2025
WANotifier – Send Message Notifications Using Cloud API (CVE-2025-49976) , Jul 02, 2025
OceanWP (CVE-2025-5524) , Jul 02, 2025
WP Social AutoConnect (CVE-2025-50022) , Jul 02, 2025
ONet Regenerate Thumbnails (CVE-2025-53264) , Jul 02, 2025