cleantalk
Vulnerabilities and Security Researches

Cost of Goods Sold (COGS): Cost & Profit Calculator for WooCommerce, CVE-2025-48240

CVE, Research URL

CVE-2025-48240

Home page URL

Security reports for Cost of Goods Sold (COGS): Cost & Profit Calculator for WooCommerce

Application

Cost of Goods Sold (COGS): Cost & Profit Calculator for WooCommerce

Published on
May 19, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Cost of Goods for WooCommerce allows Stored XSS. This issue affects Cost of Goods for WooCommerce: from n/a through 3.7.0.
Affected versions
Min -, max 3.7.1.
Status
vulnerable
Previous vulnerability researches
BuddyForms Form Elements for WooCommerce (39d1f22f-ea34-4d94-9dc2-12661cf69d36) , Jun 07, 2024
New vulnerability
Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates (CVE-2025-5103) , Jun 03, 2025
History Log by click5 (CVE-2025-47598) , Jun 03, 2025
Music Player for Elementor – Audio Player & Podcast Player (CVE-2025-5340) , Jun 03, 2025
The E-Commerce ERP: Purchasing, Inventory, Fulfillment, Manufacturing, BOM, Accounting, Sales Analysis (CVE-2025-4631) , Jun 03, 2025
FastSpring (CVE-2025-4595) , Jun 02, 2025