cleantalk
Vulnerabilities and Security Researches

Amazon Products to WooCommerce, CVE-2025-5813

CVE, Research URL

CVE-2025-5813

Home page URL

Security reports for Amazon Products to WooCommerce

Application

Amazon Products to WooCommerce

Published on
Jun 26, 2025
Research Description
The Amazon Products to WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcta2w_get_amazon_product_callback() function in all versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to create new produces.
Affected versions
Min -, max 1.2.7.
Status
vulnerable
Previous vulnerability researches
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-24573) , Jan 26, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-1926) , Mar 10, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2024-13427) , May 25, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-4223) , May 25, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-2104) , Mar 14, 2025
New vulnerability
Audio Editor & Recorder (CVE-2025-53211) , Jul 03, 2025
WP Optimizer (CVE-2025-53314) , Jul 03, 2025
Omnipress (CVE-2025-53276) , Jul 03, 2025
Pixel Manager for WooCommerce – Track Google Analytics, Google Ads, TikTok and more (CVE-2025-6201) , Jul 03, 2025
Hotel Booking (CVE-2025-53259) , Jul 03, 2025