cleantalk
Vulnerabilities and Security Researches

Subscription for WooCommerce, CVE-2026-24554

CVE, Research URL

CVE-2026-24554

Home page URL

Security reports for Subscription for WooCommerce

Application

Subscription for WooCommerce

Published on
May 26, 2026
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Convers Lab WPSubscription allows Cross Site Request Forgery. This issue affects WPSubscription: from n/a through 1.9.1.
Affected versions
max 1.9.2.
Status
vulnerable
Previous vulnerability researches
GTM4WP – A Google Tag Manager (GTM) plugin for WordPress , Jul 24, 2024
GTM4WP – A Google Tag Manager (GTM) plugin for WordPress (CVE-2022-1961) , Jun 07, 2024
GTM4WP – A Google Tag Manager (GTM) plugin for WordPress (CVE-2022-1707) , Jun 07, 2024
New vulnerability
cformsII (CVE-2026-39436) , May 28, 2026
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2026-24937) , May 28, 2026
Yoast SEO (CVE-2025-14481) , May 27, 2026
Enable jQuery Migrate Helper (CVE-2026-3279) , May 27, 2026
Subscription for WooCommerce (CVE-2026-24554) , May 27, 2026