cleantalk
Vulnerabilities and Security Researches

Amazon Products to WooCommerce, CVE-2025-5813

CVE, Research URL

CVE-2025-5813

Home page URL

Security reports for Amazon Products to WooCommerce

Application

Amazon Products to WooCommerce

Published on
Jun 26, 2025
Research Description
The Amazon Products to WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcta2w_get_amazon_product_callback() function in all versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to create new produces.
Affected versions
Min -, max 1.2.7.
Status
vulnerable
Previous vulnerability researches
Quick/Bulk Order Form for WooCommerce (CVE-2023-34170) , Jun 06, 2024
Quick/Bulk Order Form for WooCommerce (bba0b15a479ce4a78d2ee5c5d49f2857323896d5) , Jun 06, 2024
New vulnerability
Cron Logger (CVE-2025-53266) , Jul 03, 2025
Custom Login And Signup Widget (CVE-2025-49029) , Jul 03, 2025
Logo Manager For Samandehi (CVE-2025-52780) , Jul 03, 2025
TableOn – WordPress Posts Table Filterable  (CVE-2025-5143) , Jul 03, 2025
WP-Members Membership Plugin (CVE-2025-50051) , Jul 03, 2025