cleantalk
Vulnerabilities and Security Researches

WP-Recall – Registration, Profile, Commerce & More, CVE-2025-49991

CVE, Research URL

CVE-2025-49991

Home page URL

Security reports for WP-Recall – Registration, Profile, Commerce & More

Application

WP-Recall – Registration, Profile, Commerce & More

Published on
Jun 20, 2025
Research Description
Missing Authorization vulnerability in tggfref WP-Recall allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-Recall: from n/a through 16.26.14.
Affected versions
Min -, max 16.26.14.
Status
vulnerable
Previous vulnerability researches
Address Autocomplete via Google for Gravity Forms (CVE-2025-53263) , Jul 03, 2025
New vulnerability
CSV Importer Improved (CVE-2025-50013) , Jul 04, 2025
WooCommerce PDF Invoice Builder, Create invoices, packing slips and more (CVE-2025-53203) , Jul 04, 2025
Infility Global (CVE-2025-52774) , Jul 04, 2025
Additional Order Filters for WooCommerce (CVE-2025-53271) , Jul 04, 2025
Aviation Weather from NOAA (CVE-2025-28980) , Jul 04, 2025