cleantalk
Vulnerabilities and Security Researches

Thank You Page Customizer for WooCommerce – Increase Your Sales, CVE-2024-1686

CVE, Research URL

CVE-2024-1686

Home page URL

Security reports for Thank You Page Customizer for WooCommerce – Increase Your Sales

Application

Thank You Page Customizer for WooCommerce – Increase Your Sales

Published on
Feb 27, 2024
Research Description
The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to missing authorization e in all versions up to, and including, 1.1.2 via the apply_layout function due to a missing capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve arbitrary order data which may contain PII.
Affected versions
Min -, max 1.1.3.
Status
vulnerable
Previous vulnerability researches
Thank You Page Customizer for WooCommerce – Increase Your Sales (CVE-2025-30993) , Aug 15, 2025
Thank You Page Customizer for WooCommerce – Increase Your Sales (CVE-2024-1686) , Jun 07, 2024
Thank You Page Customizer for WooCommerce – Increase Your Sales (CVE-2024-1687) , Jun 07, 2024
Thank You Page Customizer for WooCommerce – Increase Your Sales (CVE-2022-46812) , Jun 07, 2024
Thank You Page Customizer for WooCommerce – Increase Your Sales (CVE-2022-46810) , Jun 07, 2024
New vulnerability
12 Step Meeting List (CVE-2025-54054) , Aug 15, 2025
Joinchat , Aug 15, 2025
Thank You Page Customizer for WooCommerce – Increase Your Sales (CVE-2025-30993) , Aug 15, 2025
GMap Generator (CVE-2025-8568) , Aug 14, 2025
GiveWP – Donation Plugin and Fundraising Platform (CVE-2025-47444) , Aug 14, 2025