cleantalk
Vulnerabilities and Security Researches

Lucky Wheel for WooCommerce – Spin a Sale, c9ebc1afc3f1cd74ba354933b129a48db85927d6

CVE, Research URL

c9ebc1afc3f1cd74ba354933b129a48db85927d6

Home page URL

Security reports for Lucky Wheel for WooCommerce – Spin a Sale

Application

Lucky Wheel for WooCommerce – Spin a Sale

Published on
Apr 08, 2022
Research Description
Lucky Wheel for WooCommerce &#8211; Spin a Sale [woo-lucky-wheel] < 1.0.11 WordPress Lucky Wheel for WooCommerce – Spin a Sale plugin <= 1.0.10 - Stored Cross-Site Scripting (XSS) vulnerability Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Lucky Wheel for WooCommerce – Spin a Sale plugin (versions <= 1.0.10).
Affected versions
max 1.0.11.
Status
vulnerable
Previous vulnerability researches
Lucky Wheel for WooCommerce &#8211; Spin a Sale (CVE-2025-14509) , Jan 10, 2026
Lucky Wheel for WooCommerce &#8211; Spin a Sale (c9ebc1afc3f1cd74ba354933b129a48db85927d6) , Jun 07, 2024
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button &#8211; Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails &amp; Marketing Automation for WooCommerce &#8211; ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026