cleantalk
Vulnerabilities and Security Researches

Product Feed for WooCommerce – Google Shops, Facebook Shop, TikTok, Instagram, and More, CVE-2025-49287

CVE, Research URL

CVE-2025-49287

Home page URL

Security reports for Product Feed for WooCommerce – Google Shops, Facebook Shop, TikTok, Instagram, and More

Application

Product Feed for WooCommerce – Google Shops, Facebook Shop, TikTok, Instagram, and More

Published on
Jun 06, 2025
Research Description
Missing Authorization vulnerability in WebToffee Product Feed for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product Feed for WooCommerce: from n/a through 2.2.8.
Affected versions
max 2.2.9.
Status
vulnerable
Previous vulnerability researches
Product Feed for WooCommerce – Google Shops, Facebook Shop, TikTok, Instagram, and More (CVE-2025-49287) , Jun 15, 2025
Product Feed for WooCommerce – Google Shops, Facebook Shop, TikTok, Instagram, and More (CVE-2025-66089) , Dec 10, 2025
New vulnerability
Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form (CVE-2026-25418) , Feb 28, 2026
Image Photo Gallery Final Tiles Grid (CVE-2026-25375) , Feb 28, 2026
Share This Image (CVE-2026-25010) , Feb 28, 2026
Bold Page Builder (CVE-2026-25451) , Feb 28, 2026
Bold Page Builder (CVE-2025-13463) , Feb 28, 2026