cleantalk
Vulnerabilities and Security Researches

WPComplete, CVE-2022-45825

CVE, Research URL

CVE-2022-45825

Home page URL

Security reports for WPComplete

Application

WPComplete

Published on
Mar 28, 2023
Research Description
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in iThemes WPComplete plugin <= 2.9.2 versions.
Affected versions
Min -, max 2.9.5.
Status
vulnerable
Previous vulnerability researches
WPComplete (CVE-2022-45825) , Jun 07, 2024
WPComplete (CVE-2025-50046) , Jul 02, 2025
New vulnerability
The E-Commerce ERP: Purchasing, Inventory, Fulfillment, Manufacturing, BOM, Accounting, Sales Analysis (CVE-2025-52836) , Jul 15, 2025
Strong Testimonials (CVE-2025-7367) , Jul 15, 2025
Companion Auto Update (CVE-2025-4369) , Jul 15, 2025
Restrict File Access (CVE-2025-7667) , Jul 15, 2025
Product XML Feed Manager for WooCommerce &#8211; Google Shopping, Social Sites, Skroutz &amp; More (CVE-2025-30959) , Jul 15, 2025