cleantalk
Vulnerabilities and Security Researches

Selling Commander for WooCommerce – connector plugin, CVE-2025-60243

CVE, Research URL

CVE-2025-60243

Home page URL

Security reports for Selling Commander for WooCommerce – connector plugin

Application

Selling Commander for WooCommerce – connector plugin

Published on
Nov 06, 2025
Research Description
Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46.
Affected versions
max 1.2.46.
Status
vulnerable
Previous vulnerability researches
wpForo Forum (CVE-2019-19109) , Jun 06, 2024
wpForo Forum (CVE-2022-40205) , Jun 06, 2024
wpForo Forum (CVE-2021-24406) , Jun 06, 2024
wpForo Forum (CVE-2022-38144) , Jun 06, 2024
wpForo Forum (CVE-2019-19112) , Jun 06, 2024
New vulnerability
Time Clock &#8211; A WordPress Employee &amp; Volunteer Time Clock Plugin (CVE-2025-10701) , Nov 10, 2025
Simple SEO (CVE-2025-10357) , Nov 10, 2025
Business Directory Plugin &#8211; Easy Listing Directories for WordPress (CVE-2025-64219) , Nov 10, 2025
WP-Lister Lite for eBay (CVE-2025-62881) , Nov 10, 2025
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2025-49907) , Nov 10, 2025