cleantalk
Vulnerabilities and Security Researches

LTL Freight Quotes – GlobalTranz Edition, CVE-2025-1483

CVE, Research URL

CVE-2025-1483

Home page URL

Security reports for LTL Freight Quotes – GlobalTranz Edition

Application

LTL Freight Quotes – GlobalTranz Edition

Published on
Feb 20, 2025
Research Description
The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the engtz_wd_save_dropship AJAX endpoint in all versions up to, and including, 2.3.12. This makes it possible for unauthenticated attackers to update the drop shipping settings.
Affected versions
Min -, max 2.3.13.
Status
vulnerable
Previous vulnerability researches
LTL Freight Quotes – GlobalTranz Edition (CVE-2025-1483) , Feb 21, 2025
LTL Freight Quotes – GlobalTranz Edition (CVE-2024-13476) , May 06, 2025
New vulnerability
WordPress Plugin for Google Maps – WP MAPS (CVE-2025-3502) , May 07, 2025
WordPress Plugin for Google Maps – WP MAPS (CVE-2025-3503) , May 07, 2025
Category Widget (CVE-2025-46515) , May 07, 2025
Search Exclude (CVE-2025-2821) , May 07, 2025
IGIT Related Posts With Thumb Image After Posts (CVE-2025-46518) , May 07, 2025