cleantalk
Vulnerabilities and Security Researches

Store Toolkit for WooCommerce – Boost WooCommerce with useful tools, nuking/deleting, reports, order filters & more!, CVE-2021-25077

CVE, Research URL

CVE-2021-25077

Home page URL

Security reports for Store Toolkit for WooCommerce – Boost WooCommerce with useful tools, nuking/deleting, reports, order filters & more!

Application

Store Toolkit for WooCommerce – Boost WooCommerce with useful tools, nuking/deleting, reports, order filters & more!

Published on
Feb 07, 2022
Research Description
The Store Toolkit for WooCommerce WordPress plugin before 2.3.2 does not sanitise and escape the tab parameter before outputting it back in an admin page in an error message, leading to a Reflected Cross-Site Scripting
Affected versions
Min -, max 2.3.4.
Status
vulnerable
Previous vulnerability researches
Store Toolkit for WooCommerce – Boost WooCommerce with useful tools, nuking/deleting, reports, order filters & more! (CVE-2022-4974) , Nov 15, 2024
Store Toolkit for WooCommerce – Boost WooCommerce with useful tools, nuking/deleting, reports, order filters & more! (CVE-2016-10923) , Jun 07, 2024
Store Toolkit for WooCommerce – Boost WooCommerce with useful tools, nuking/deleting, reports, order filters & more! (CVE-2021-25077) , Jun 07, 2024
Store Toolkit for WooCommerce – Boost WooCommerce with useful tools, nuking/deleting, reports, order filters & more! (CVE-2016-10922) , Jun 07, 2024
New vulnerability
Trust Payments Gateway for WooCommerce (JavaScript Library) (CVE-2025-53569) , Jul 04, 2025
Video List Manager (CVE-2025-52776) , Jul 04, 2025
Premium Addons for Elementor (CVE-2024-11937) , Jul 04, 2025
Aioseo Multibyte Descriptions (CVE-2025-53327) , Jul 04, 2025
Booking X – Appointment and Reservation Availability Calendar (CVE-2025-6814) , Jul 04, 2025