cleantalk
Vulnerabilities and Security Researches

Premmerce Product Search for WooCommerce, CVE-2025-64289

CVE, Research URL

CVE-2025-64289

Home page URL

Security reports for Premmerce Product Search for WooCommerce

Application

Premmerce Product Search for WooCommerce

Published on
Oct 29, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Premmerce Premmerce Product Search for WooCommerce premmerce-search allows Stored XSS.This issue affects Premmerce Product Search for WooCommerce: from n/a through <= 2.2.4.
Affected versions
max 2.2.4.
Status
vulnerable
Previous vulnerability researches
LearnPress Export Import &#8211; WordPress extension for LearnPress (CVE-2024-32588) , Jun 07, 2024
LearnPress Export Import &#8211; WordPress extension for LearnPress (CVE-2024-31241) , Jun 07, 2024
LearnPress Export Import &#8211; WordPress extension for LearnPress (CVE-2023-30487) , Jun 07, 2024
LearnPress Export Import &#8211; WordPress extension for LearnPress (CVE-2025-60200) , Nov 10, 2025
LearnPress Export Import &#8211; WordPress extension for LearnPress (CVE-2025-49992) , Nov 10, 2025
New vulnerability
Simple User Registration (CVE-2025-53428) , Nov 11, 2025
Booster for WooCommerce (CVE-2025-64196) , Nov 11, 2025
Community Events (CVE-2025-10587) , Nov 11, 2025
Community Events (CVE-2025-10586) , Nov 11, 2025
Community Events (CVE-2025-11995) , Nov 11, 2025