cleantalk
Vulnerabilities and Security Researches

KiotViet Sync, CVE-2025-62978

CVE, Research URL

CVE-2025-62978

Home page URL

Security reports for KiotViet Sync

Application

KiotViet Sync

Published on
Oct 27, 2025
Research Description
Missing Authorization vulnerability in Kiotviet KiotViet Sync kiotvietsync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KiotViet Sync: from n/a through <= 1.8.5.
Affected versions
max 1.8.5.
Status
vulnerable
Previous vulnerability researches
Post Grid, Slider &amp; Carousel Ultimate &#8211; with Shortcode, Gutenberg Block &amp; Elementor Widget (CVE-2025-24782) , Jan 29, 2025
Post Grid, Slider &amp; Carousel Ultimate &#8211; with Shortcode, Gutenberg Block &amp; Elementor Widget (CVE-2024-13408) , Jan 26, 2025
Post Grid, Slider &amp; Carousel Ultimate &#8211; with Shortcode, Gutenberg Block &amp; Elementor Widget (CVE-2024-13409) , Jan 26, 2025
Post Grid, Slider &amp; Carousel Ultimate &#8211; with Shortcode, Gutenberg Block &amp; Elementor Widget (CVE-2022-1266) , Jun 06, 2024
Post Grid, Slider &amp; Carousel Ultimate &#8211; with Shortcode, Gutenberg Block &amp; Elementor Widget (CVE-2024-29925) , Jun 06, 2024
New vulnerability
Responsive iframe GoogleMap (CVE-2025-11813) , Nov 10, 2025
FuseWP &#8211; WordPress User Sync to Email List &amp; Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) (CVE-2025-11975) , Nov 10, 2025
FuseWP &#8211; WordPress User Sync to Email List &amp; Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) (CVE-2025-11976) , Nov 10, 2025
Flexible Refund and Return Order for WooCommerce (CVE-2025-10570) , Nov 10, 2025
Lazy Load Optimizer (CVE-2025-60074) , Nov 10, 2025