cleantalk
Vulnerabilities and Security Researches

Product Catalog – Catalog for WordPress, CVE-2025-30524

CVE, Research URL

CVE-2025-30524

Home page URL

Security reports for Product Catalog – Catalog for WordPress

Application

Product Catalog – Catalog for WordPress

Published on
Mar 26, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in origincode Product Catalog allows SQL Injection. This issue affects Product Catalog: from n/a through 1.0.4.
Affected versions
Min -, max 1.0.4.
Status
vulnerable
Previous vulnerability researches
School Management System – WPSchoolPress (CVE-2021-24664) , Jun 06, 2024
School Management System – WPSchoolPress (CVE-2021-24575) , Jun 06, 2024
School Management System – WPSchoolPress (CVE-2023-4776) , Jun 06, 2024
School Management System – WPSchoolPress (CVE-2025-1668) , Mar 16, 2025
School Management System – WPSchoolPress (CVE-2025-1669) , Mar 16, 2025
New vulnerability
WP Subscription Forms – The Ultimate WordPress Subscription Form Plugin (CVE-2025-30784) , Mar 29, 2025
Teleport (CVE-2025-28855) , Mar 29, 2025
Support Genix – Support Tickets Managing System & Helpdesk Plugin for WordPress and WooCommerce (CVE-2025-30777) , Mar 29, 2025
Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress (CVE-2025-30770) , Mar 28, 2025
WP Google Review Slider (CVE-2025-30783) , Mar 28, 2025