cleantalk
Vulnerabilities and Security Researches

ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes, CVE-2025-22352

CVE, Research URL

CVE-2025-22352

Home page URL

Security reports for ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes

Application

ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes

Published on
Jan 07, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes allows Blind SQL Injection.This issue affects ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes: from n/a through 1.4.8.
Affected versions
Min -, max 1.4.8.
Status
vulnerable
Previous vulnerability researches
ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes (CVE-2025-3280) , Apr 28, 2025
ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes (CVE-2025-22352) , Jan 07, 2025
New vulnerability
WS Form LITE – Drag & Drop Contact Form Builder for WordPress (CVE-2025-3912) , Apr 28, 2025
Upsell Order Bump Offer for WooCommerce – Increase Sales and AOV, Upsell & Cross-sell Offers on Checkout Page (CVE-2025-3743) , Apr 28, 2025
ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes (CVE-2025-3280) , Apr 28, 2025
FuseDesk (CVE-2025-3832) , Apr 27, 2025
Create custom forms for WordPress with a smart form plugin for smart businesses – Form builder for WordPress (CVE-2025-2801) , Apr 27, 2025