cleantalk
Vulnerabilities and Security Researches

SpecFit-Virtual Try On Woocommerce, CVE-2025-23973

CVE, Research URL

CVE-2025-23973

Home page URL

Security reports for SpecFit-Virtual Try On Woocommerce

Application

SpecFit-Virtual Try On Woocommerce

Published on
Jun 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dugudlabs SpecFit-Virtual Try On Woocommerce allows Stored XSS. This issue affects SpecFit-Virtual Try On Woocommerce: from n/a through 7.0.6.
Affected versions
Min -, max 7.0.5.
Status
vulnerable
Previous vulnerability researches
Quick/Bulk Order Form for WooCommerce (CVE-2023-34170) , Jun 06, 2024
Quick/Bulk Order Form for WooCommerce (bba0b15a479ce4a78d2ee5c5d49f2857323896d5) , Jun 06, 2024
New vulnerability
WANotifier – Send Message Notifications Using Cloud API (CVE-2025-49976) , Jul 02, 2025
OceanWP (CVE-2025-5524) , Jul 02, 2025
WP Social AutoConnect (CVE-2025-50022) , Jul 02, 2025
ONet Regenerate Thumbnails (CVE-2025-53264) , Jul 02, 2025
Podcast Feed Player Widget and Shortcode (CVE-2025-53300) , Jul 02, 2025