cleantalk
Vulnerabilities and Security Researches

onOffice for WP-Websites, CVE-2025-32127

CVE, Research URL

CVE-2025-32127

Home page URL

Security reports for onOffice for WP-Websites

Application

onOffice for WP-Websites

Published on
Apr 04, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in onOffice GmbH onOffice for WP-Websites allows SQL Injection. This issue affects onOffice for WP-Websites: from n/a through 5.7.
Affected versions
Min -, max 5.7.
Status
vulnerable
Previous vulnerability researches
Teleport (CVE-2025-28855) , Mar 29, 2025
New vulnerability
AdMail – Back in-stock notifier for WooCommerce (CVE-2025-32234) , Apr 06, 2025
Course Booking System (CVE-2025-32253) , Apr 06, 2025
Radius Blocks – WordPress Gutenberg Blocks (CVE-2025-32159) , Apr 06, 2025
Wishlist (CVE-2025-32272) , Apr 06, 2025
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Wo (CVE-2025-32184) , Apr 06, 2025