cleantalk
Vulnerabilities and Security Researches

WooCommerce Search, Filters & Merchandising, CVE-2025-32181

CVE, Research URL

CVE-2025-32181

Home page URL

Security reports for WooCommerce Search, Filters & Merchandising

Application

WooCommerce Search, Filters & Merchandising

Published on
Apr 04, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fast Simon Search, Filters & Merchandising for WooCommerce allows Stored XSS. This issue affects Search, Filters & Merchandising for WooCommerce: from n/a through 3.0.57.
Affected versions
Min -, max 3.0.57.
Status
vulnerable
Previous vulnerability researches
Cart tracking for WooCommerce (d666481e974f21c6b520fbaf7e0c7d274c39fb4b) , Jun 07, 2024
Cart tracking for WooCommerce (CVE-2025-30791) , Mar 28, 2025
New vulnerability
Easy Query – WP Query Builder (CVE-2025-32120) , Apr 06, 2025
Slider a SlidersPack – Image Slider, Post Slider, ACF Gallery Slider (CVE-2025-32152) , Apr 06, 2025
VG WooCarousel (CVE-2025-32153) , Apr 06, 2025
Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic (CVE-2025-32236) , Apr 06, 2025
RDP Wiki Embed (CVE-2025-32262) , Apr 06, 2025