cleantalk
Vulnerabilities and Security Researches

WooCommerce Sync for QuickBooks Online – by MyWorks, CVE-2025-32524

CVE, Research URL

CVE-2025-32524

Home page URL

Security reports for WooCommerce Sync for QuickBooks Online – by MyWorks

Application

WooCommerce Sync for QuickBooks Online – by MyWorks

Published on
Apr 11, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyWorks MyWorks WooCommerce Sync for QuickBooks Online allows Reflected XSS. This issue affects MyWorks WooCommerce Sync for QuickBooks Online: from n/a through 2.9.1.
Affected versions
Min -, max 2.9.2.
Status
vulnerable
Previous vulnerability researches
Swiss Toolkit For WP (CVE-2025-31546) , Apr 03, 2025
Swiss Toolkit For WP (CVE-2025-31544) , Apr 03, 2025
Swiss Toolkit For WP (CVE-2024-5204) , Jun 07, 2024
New vulnerability
iCal Feeds (CVE-2025-32528) , Apr 14, 2025
MSRP (List Price/RRP) for WooCommerce (CVE-2025-32552) , Apr 14, 2025
WP-Hijri (CVE-2025-32560) , Apr 14, 2025
Download Manager and Payment Form WordPress Plugin – WP SmartPay (CVE-2025-32689) , Apr 14, 2025
UXsniff Heatmap (CVE-2025-32532) , Apr 14, 2025