Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display G, CVE-2025-1463

CVE, Research URL: CVE-2025-1463
Home page URL: Security reports for Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display G
Application: Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display G
Published on: Mar 05, 2025
Research Description: The Spreadsheet Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.2. This is due to improper nonce validation within the class-wpgsi-show.php script. This makes it possible for unauthenticated attackers to publish arbitrary posts, including private, granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: max 3.8.3.
Status: vulnerable

Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce &amp; Most Popular Form Plugins. Also, Display G, CVE-2025-1463