cleantalk
Vulnerabilities and Security Researches

NikanWP WooCommerce Reporting, CVE-2025-62957

CVE, Research URL

CVE-2025-62957

Home page URL

Security reports for NikanWP WooCommerce Reporting

Application

NikanWP WooCommerce Reporting

Published on
Oct 27, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in NikanWP NikanWP WooCommerce Reporting wc-reports-lite allows Stored XSS.This issue affects NikanWP WooCommerce Reporting: from n/a through <= 1.0.0.
Affected versions
max 1.0.0.
Status
vulnerable
Previous vulnerability researches
My Favorites (CVE-2024-37114) , Jun 24, 2024
My Favorites (CVE-2024-49263) , Oct 18, 2024
Favorites (CVE-2025-1452) , Mar 27, 2025
Favorites (CVE-2023-2304) , Jun 06, 2024
Favorites (CVE-2024-2948) , Jun 06, 2024
New vulnerability
Content Locker for Elementor (CVE-2025-10896) , Nov 11, 2025
WP-DownloadManager (CVE-2025-10747) , Nov 11, 2025
MasterStudy LMS WordPress Plugin – for Online Courses and Education (CVE-2025-59575) , Nov 11, 2025
MasterStudy LMS WordPress Plugin – for Online Courses and Education (CVE-2025-64366) , Nov 11, 2025
Mixlr Shortcode (CVE-2025-11807) , Nov 11, 2025