cleantalk
Vulnerabilities and Security Researches

Subscription for WooCommerce, CVE-2025-69347

CVE, Research URL

CVE-2025-69347

Home page URL

Security reports for Subscription for WooCommerce

Application

Subscription for WooCommerce

Published on
Mar 25, 2026
Research Description
Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSubscription: from n/a through <= 1.8.10.
Affected versions
max 1.8.10.
Status
vulnerable
Previous vulnerability researches
Booking Calendar &#8211; Clockwork SMS (CVE-2017-17780) , Jun 07, 2024
Booking Calendar &#8211; Clockwork SMS (CVE-2017-18555) , Jun 07, 2024
New vulnerability
Mollie Payments for WooCommerce (CVE-2025-68501) , Mar 30, 2026
SMTP &#8211; 100% Free &amp; Open Source SMTP plugin for WordPress &#8211; Bit SMTP (CVE-2026-32519) , Mar 30, 2026
Responsive Starter Templates &#8211; Elementor &amp; WordPress Templates (CVE-2025-15488) , Mar 30, 2026
Shopping Cart &amp; eCommerce Store (CVE-2026-32422) , Mar 30, 2026
Advanced iFrame (CVE-2026-25412) , Mar 30, 2026