cleantalk
Vulnerabilities and Security Researches

Constant Contact for WordPress, CVE-2025-48101

CVE, Research URL

CVE-2025-48101

Home page URL

Security reports for Constant Contact for WordPress

Application

Constant Contact for WordPress

Published on
Sep 09, 2025
Research Description
Deserialization of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress allows Object Injection. This issue affects Constant Contact for WordPress: from n/a through 4.1.1.
Affected versions
Min -, max 4.1.1.
Status
vulnerable
Previous vulnerability researches
XM-Backup (CVE-2025-48109) , Aug 30, 2025
New vulnerability
Advanced Settings (CVE-2025-58975) , Sep 10, 2025
Auto Save Remote Images (Drafts) (CVE-2025-7843) , Sep 10, 2025
Welcart e-Commerce (CVE-2025-58984) , Sep 10, 2025
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-58990) , Sep 10, 2025
Additional Custom Product Tabs for WooCommerce (CVE-2025-58985) , Sep 10, 2025