cleantalk
Vulnerabilities and Security Researches

Doofinder WP & WooCommerce Search, CVE-2026-39542

CVE, Research URL

CVE-2026-39542

Home page URL

Security reports for Doofinder WP & WooCommerce Search

Application

Doofinder WP & WooCommerce Search

Published on
Apr 08, 2026
Research Description
Insertion of Sensitive Information Into Sent Data vulnerability in Doofinder Doofinder for WooCommerce doofinder-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Doofinder for WooCommerce: from n/a through <= 2.10.13.
Affected versions
max 2.10.14.
Status
vulnerable
Previous vulnerability researches
Doofinder WP &amp; WooCommerce Search (CVE-2023-40602) , Jun 07, 2024
Doofinder WP &amp; WooCommerce Search (CVE-2023-49185) , Jun 07, 2024
Doofinder WP &amp; WooCommerce Search (CVE-2023-51678) , Jun 07, 2024
Doofinder WP &amp; WooCommerce Search (CVE-2024-25596) , Jun 07, 2024
Doofinder WP &amp; WooCommerce Search (CVE-2026-39542) , Apr 14, 2026
New vulnerability
SupportCandy &#8211; Helpdesk &amp; Customer Support Ticket System (CVE-2026-1251) , Apr 14, 2026
SupportCandy &#8211; Helpdesk &amp; Customer Support Ticket System (CVE-2026-0683) , Apr 14, 2026
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &amp; Restrict Content – ProfilePress (CVE-2026-3453) , Apr 14, 2026
Modular DS: Manage all your websites from a single dashboard (CVE-2026-3903) , Apr 14, 2026
Brid Video Easy Publish (CVE-2025-8072) , Apr 14, 2026