cleantalk
Vulnerabilities and Security Researches

Free Shipping Amount Label & Progress Bar for WooCommerce, CVE-2025-48253

CVE, Research URL

CVE-2025-48253

Home page URL

Security reports for Free Shipping Amount Label & Progress Bar for WooCommerce

Application

Free Shipping Amount Label & Progress Bar for WooCommerce

Published on
May 19, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce allows Stored XSS. This issue affects Free Shipping Bar: Amount Left for Free Shipping for WooCommerce: from n/a through 2.4.6.
Affected versions
Min -, max 2.4.7.
Status
vulnerable
Previous vulnerability researches
Experto CTA Widget – Call To Action, Sticky CTA, Floating Button Plugin (CVE-2025-47529) , May 19, 2025
New vulnerability
Back Button Widget (CVE-2025-48252) , May 21, 2025
Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China (CVE-2025-48243) , May 21, 2025
Free Shipping Amount Label & Progress Bar for WooCommerce (CVE-2025-48253) , May 21, 2025
WordPress Gallery Plugin – NextGEN Gallery (CVE-2024-5878) , May 21, 2025
Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin (CVE-2025-48247) , May 21, 2025