cleantalk
Vulnerabilities and Security Researches

Constant Contact + WooCommerce, CVE-2025-67580

CVE, Research URL

CVE-2025-67580

Home page URL

Security reports for Constant Contact + WooCommerce

Application

Constant Contact + WooCommerce

Published on
Dec 09, 2025
Research Description
Missing Authorization vulnerability in Constant Contact Constant Contact + WooCommerce constant-contact-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact + WooCommerce: from n/a through <= 2.4.1.
Affected versions
max 2.4.1.
Status
vulnerable
Previous vulnerability researches
USS Upyun (CVE-2025-9629) , Oct 11, 2025
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs &#8211; Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025