cleantalk
Vulnerabilities and Security Researches

Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light, CVE-2025-48124

CVE, Research URL

CVE-2025-48124

Home page URL

Security reports for Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light

Application

Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light

Published on
Jun 09, 2025
Research Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Path Traversal. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37.
Affected versions
Min -, max 2.4.37.
Status
vulnerable
Previous vulnerability researches
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light (CVE-2025-48123) , Jun 04, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light (CVE-2025-39378) , Apr 25, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light (CVE-2025-48122) , Jun 15, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light (CVE-2025-48124) , Jun 04, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light (CVE-2025-48129) , Jun 04, 2025
New vulnerability
Melapress File Monitor (CVE-2025-3702) , Jul 09, 2025
Widget for Google Reviews (CVE-2025-7327) , Jul 09, 2025
Lightbox & Modal Popup WordPress Plugin – FooBox (CVE-2025-5537) , Jul 09, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2025-6244) , Jul 09, 2025
AI Engine (CVE-2025-5570) , Jul 09, 2025