cleantalk
Vulnerabilities and Security Researches

ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes, CVE-2025-47645

CVE, Research URL

CVE-2025-47645

Home page URL

Security reports for ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes

Application

ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes

Published on
Jul 16, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes allows SQL Injection. This issue affects ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes: from n/a through 1.4.9.
Affected versions
Min -, max 1.5.0.
Status
vulnerable
Previous vulnerability researches
BuddyForms Form Elements for WooCommerce (39d1f22f-ea34-4d94-9dc2-12661cf69d36) , Jun 07, 2024
New vulnerability
Bold Page Builder (CVE-2025-54006) , Jul 19, 2025
Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo (CVE-2025-5816) , Jul 19, 2025
Block Editor Gallery Slider (CVE-2025-6726) , Jul 18, 2025
YayExtra – WooCommerce Extra Product Options (CVE-2025-48299) , Jul 18, 2025
Pay with Contact Form 7 (CVE-2025-52777) , Jul 18, 2025