cleantalk
Vulnerabilities and Security Researches

YITH PayPal Express Checkout for WooCommerce, CVE-2025-48111

CVE, Research URL

CVE-2025-48111

Home page URL

Security reports for YITH PayPal Express Checkout for WooCommerce

Application

YITH PayPal Express Checkout for WooCommerce

Published on
Jun 17, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES YITH PayPal Express Checkout for WooCommerce allows Cross Site Request Forgery. This issue affects YITH PayPal Express Checkout for WooCommerce: from n/a through 1.49.0.
Affected versions
Min -, max 1.49.1.
Status
vulnerable
Previous vulnerability researches
GamiPress – Button (CVE-2024-2460) , Jun 06, 2024
GamiPress – Button (98ba15e94d5d1c2d4f99fb15090730d0e1b597a1) , Jun 06, 2024
New vulnerability
Table of Contents Plus , Jun 19, 2025
WP Employee Attendance System (CVE-2025-28972) , Jun 18, 2025
Wise Chat (CVE-2025-3774) , Jun 18, 2025
WPAdverts – Classifieds Plugin (CVE-2025-49878) , Jun 18, 2025
Brid Video Easy Publish (CVE-2025-5237) , Jun 18, 2025