cleantalk
Vulnerabilities and Security Researches

YayExtra – WooCommerce Extra Product Options, CVE-2025-31415

CVE, Research URL

CVE-2025-31415

Home page URL

Security reports for YayExtra – WooCommerce Extra Product Options

Application

YayExtra – WooCommerce Extra Product Options

Published on
Apr 01, 2025
Research Description
Missing Authorization vulnerability in YayCommerce YayExtra allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YayExtra: from n/a through 1.5.2.
Affected versions
Min -, max 1.5.3.
Status
vulnerable
Previous vulnerability researches
YayExtra – WooCommerce Extra Product Options (CVE-2025-31415) , Apr 03, 2025
YayExtra – WooCommerce Extra Product Options (CVE-2024-7257) , Aug 04, 2024
YayExtra – WooCommerce Extra Product Options (CVE-2025-48299) , Jul 18, 2025
New vulnerability
Wallet System for WooCommerce – Digital Wallet, Cashback Rewards, Recharge User Wallets, View Transaction History (CVE-2025-54041) , Jul 19, 2025
Chatbox Manager (CVE-2025-48167) , Jul 19, 2025
Zuppler Online Ordering (CVE-2025-6053) , Jul 19, 2025
Counter live visitors for WooCommerce (CVE-2025-7359) , Jul 19, 2025
AntiSpam for Contact Form 7 (CVE-2025-54020) , Jul 19, 2025