cleantalk
Vulnerabilities and Security Researches

Conditional Shipping for WooCommerce, CVE-2025-39564

CVE, Research URL

CVE-2025-39564

Home page URL

Security reports for Conditional Shipping for WooCommerce

Application

Conditional Shipping for WooCommerce

Published on
Apr 16, 2025
Research Description
Conditional Shipping for WooCommerce [conditional-shipping-for-woocommerce] < 3.4.1 CVE-2025-39564 [en] Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Shipping for WooCommerce allows Cross Site Request Forgery. This issue affects Conditional Shipping for WooCommerce: from n/a through 3.4.0.
Affected versions
Min -, max 3.4.1.
Status
vulnerable
Previous vulnerability researches
Happy Addons for Elementor (CVE-2025-30766) , Apr 02, 2025
Happy Addons for Elementor (CVE-2024-10538) , Nov 14, 2024
Happy Addons for Elementor (CVE-2024-12852) , Jan 09, 2025
Happy Addons for Elementor (CVE-2021-24292) , Jun 07, 2024
Happy Addons for Elementor (CVE-2024-24833) , Jun 07, 2024
New vulnerability
Cost Calculator Builder (CVE-2025-39587) , Apr 19, 2025
Klarna Checkout for WooCommerce (CVE-2024-13925) , Apr 19, 2025
WordPress Button Plugin MaxButtons (CVE-2025-39444) , Apr 19, 2025
Course Booking System (CVE-2025-32508) , Apr 19, 2025
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Wo (CVE-2025-39588) , Apr 19, 2025