cleantalk
Vulnerabilities and Security Researches

Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic, CVE-2025-59578

CVE, Research URL

CVE-2025-59578

Home page URL

Security reports for Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic

Application

Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic

Published on
Oct 22, 2025
Research Description
Insertion of Sensitive Information Into Sent Data vulnerability in wpdesk ShopMagic shopmagic-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects ShopMagic: from n/a through <= 4.5.6.
Affected versions
max 4.5.7.
Status
vulnerable
Previous vulnerability researches
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (CVE-2024-43331) , Aug 20, 2024
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (CVE-2025-62006) , Nov 11, 2025
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (CVE-2023-6981) , Jun 07, 2024
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (CVE-2021-24561) , Jun 07, 2024
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (CVE-2023-6980) , Jun 07, 2024
New vulnerability
YOP Poll (CVE-2025-62040) , Nov 11, 2025
Insert Headers and Footers Code &#8211; HT Script (CVE-2025-12112) , Nov 11, 2025
Easy Appointments (CVE-2025-49398) , Nov 11, 2025
Keyy Two Factor Authentication (like Clef) (CVE-2025-10293) , Nov 11, 2025
WP Pipes (CVE-2025-60227) , Nov 11, 2025