cleantalk
Vulnerabilities and Security Researches

Amazon Products to WooCommerce, CVE-2025-5813

CVE, Research URL

CVE-2025-5813

Home page URL

Security reports for Amazon Products to WooCommerce

Application

Amazon Products to WooCommerce

Published on
Jun 26, 2025
Research Description
The Amazon Products to WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcta2w_get_amazon_product_callback() function in all versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to create new produces.
Affected versions
Min -, max 1.2.7.
Status
vulnerable
Previous vulnerability researches
Publisher Media Kit (CVE-2022-25858) , Jun 07, 2024
New vulnerability
Email Address Security by WebEmailProtector (CVE-2025-28976) , Jul 03, 2025
Audio Editor & Recorder (CVE-2025-53211) , Jul 03, 2025
WP Optimizer (CVE-2025-53314) , Jul 03, 2025
Omnipress (CVE-2025-53276) , Jul 03, 2025
Pixel Manager for WooCommerce – Track Google Analytics, Google Ads, TikTok and more (CVE-2025-6201) , Jul 03, 2025