cleantalk
Vulnerabilities and Security Researches

Global Shop Discount for WooCommerce, CVE-2025-48248

CVE, Research URL

CVE-2025-48248

Home page URL

Security reports for Global Shop Discount for WooCommerce

Application

Global Shop Discount for WooCommerce

Published on
May 19, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products allows Stored XSS. This issue affects Sitewide Discount for WooCommerce: Apply Discount to All Products: from n/a through 2.2.1.
Affected versions
Min -, max 2.2.2.
Status
vulnerable
Previous vulnerability researches
Affiliate Ads for ClickBank (CVE-2015-20106) , Jun 07, 2024
Affiliate Ads for ClickBank (CVE-2015-20105) , Jun 07, 2024
New vulnerability
FastSpring (CVE-2025-4595) , Jun 02, 2025
Real Time Validation for Gravity Forms (CVE-2025-48330) , Jun 02, 2025
EU/UK VAT Manager for WooCommerce (CVE-2025-47504) , Jun 02, 2025
Tournamatch (CVE-2025-4594) , Jun 02, 2025
WP YouTube Video Optimizer (CVE-2025-4217) , Jun 02, 2025