cleantalk
Vulnerabilities and Security Researches

Order Status Rules for WooCommerce, CVE-2025-30781

CVE, Research URL

CVE-2025-30781

Home page URL

Security reports for Order Status Rules for WooCommerce

Application

Order Status Rules for WooCommerce

Published on
Mar 27, 2025
Research Description
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPFactory Scheduled & Automatic Order Status Controller for WooCommerce allows Phishing. This issue affects Scheduled & Automatic Order Status Controller for WooCommerce: from n/a through 3.7.1.
Affected versions
max 3.7.2.
Status
vulnerable
Previous vulnerability researches
CRM and Lead Management by vcita (CVE-2025-5240) , Jul 23, 2025
CRM and Lead Management by vcita (CVE-2024-13702) , Mar 27, 2025
CRM and Lead Management by vcita (CVE-2024-13703) , Mar 14, 2025
CRM and Lead Management by vcita (CVE-2023-2405) , Jun 07, 2024
CRM and Lead Management by vcita (CVE-2023-2404) , Jun 07, 2024
New vulnerability
FileBird – WordPress Media Library Folders & File Manager (CVE-2025-11510) , Oct 29, 2025
WordPress Webinar Plugin – WebinarPress (CVE-2025-62972) , Oct 29, 2025
Genealogical Tree – WordPress Family Tree (CVE-2025-58023) , Oct 12, 2025
WPB Quick View Popup for WooCommerce – Display Product Informations in Popup on Button Click (CVE-2025-57967) , Oct 12, 2025
Mixtape (CVE-2025-9860) , Oct 12, 2025