cleantalk
Vulnerabilities and Security Researches

EmailKit -WooCommerce Email Customizer, CVE-2025-60106

CVE, Research URL

CVE-2025-60106

Home page URL

Security reports for EmailKit -WooCommerce Email Customizer

Application

EmailKit -WooCommerce Email Customizer

Published on
Sep 26, 2025
Research Description
Missing Authorization vulnerability in Roxnor EmailKit emailkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EmailKit: from n/a through <= 1.6.0.
Affected versions
max 1.6.0.
Status
vulnerable
Previous vulnerability researches
EmailKit -WooCommerce Email Customizer (CVE-2025-60106) , Oct 11, 2025
EmailKit -WooCommerce Email Customizer (CVE-2026-3474) , Apr 14, 2026
EmailKit -WooCommerce Email Customizer (CVE-2025-14059) , Jan 27, 2026
EmailKit -WooCommerce Email Customizer (CVE-2026-1925) , Apr 15, 2026
New vulnerability
Customer Reviews for WooCommerce (CVE-2026-1316) , Apr 15, 2026
WP Recipe Maker (CVE-2026-1558) , Apr 15, 2026
Page and Post Clone (CVE-2026-2893) , Apr 15, 2026
Greenshift &#8211; animation and page builder blocks (CVE-2026-2589) , Apr 15, 2026
Greenshift &#8211; animation and page builder blocks (CVE-2026-1927) , Apr 15, 2026