cleantalk
Vulnerabilities and Security Researches

Selling Commander for WooCommerce – connector plugin, CVE-2025-60243

CVE, Research URL

CVE-2025-60243

Home page URL

Security reports for Selling Commander for WooCommerce – connector plugin

Application

Selling Commander for WooCommerce – connector plugin

Published on
Nov 06, 2025
Research Description
Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46.
Affected versions
max 1.2.46.
Status
vulnerable
Previous vulnerability researches
Team Showcase and Slider &#8211; Team Members Builder (CVE-2024-51763) , Nov 08, 2024
New vulnerability
Business Directory Plugin &#8211; Easy Listing Directories for WordPress (CVE-2025-64219) , Nov 10, 2025
WP-Lister Lite for eBay (CVE-2025-62881) , Nov 10, 2025
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2025-49907) , Nov 10, 2025
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2025-62964) , Nov 10, 2025
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2025-62069) , Nov 10, 2025