cleantalk
Vulnerabilities and Security Researches

Custom Order Statuses for WooCommerce, CVE-2024-25930

CVE, Research URL

CVE-2024-25930

Home page URL

Security reports for Custom Order Statuses for WooCommerce

Application

Custom Order Statuses for WooCommerce

Published on
Feb 29, 2024
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Nuggethon Custom Order Statuses for WooCommerce.This issue affects Custom Order Statuses for WooCommerce: from n/a through 1.5.2.
Affected versions
Min -, max 1.5.2.
Status
vulnerable
Previous vulnerability researches
Custom Order Statuses for WooCommerce (CVE-2024-32524) , Jun 07, 2024
Custom Order Statuses for WooCommerce (CVE-2024-25930) , Jun 07, 2024
New vulnerability
Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2025-7696) , Jul 21, 2025
Temporarily Hidden Content (CVE-2025-7658) , Jul 21, 2025
Testimonial Post type (CVE-2025-5800) , Jul 21, 2025
WP Shortcodes Plugin — Shortcodes Ultimate (CVE-2025-7369) , Jul 21, 2025
WP Shortcodes Plugin — Shortcodes Ultimate (CVE-2025-7354) , Jul 21, 2025