cleantalk
Vulnerabilities and Security Researches

Zapier for WordPress, CVE-2025-50010

CVE, Research URL

CVE-2025-50010

Home page URL

Security reports for Zapier for WordPress

Application

Zapier for WordPress

Published on
Jun 20, 2025
Research Description
Missing Authorization vulnerability in Zapier Zapier for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zapier for WordPress: from n/a through 1.5.2.
Affected versions
Min -, max 1.5.2.
Status
vulnerable
Previous vulnerability researches
Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook (CVE-2022-4974) , Nov 15, 2024
Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook (CVE-2024-32134) , Jun 07, 2024
Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook (5497c36e30e7d17ae16dfecc58c117cd9ee624d7) , Jun 07, 2024
Zapier for WordPress (CVE-2025-50010) , Jun 27, 2025
Zapier for WordPress (CVE-2024-13411) , Mar 26, 2025
New vulnerability
Knowledge Base – Knowledge Base Maker (CVE-2025-52791) , Jun 27, 2025
Zara 4 Image Compression (CVE-2025-49969) , Jun 27, 2025
Woocommerce Line Notify (CVE-2025-30972) , Jun 27, 2025
Simple User Registration (CVE-2025-4334) , Jun 27, 2025
Osom Blocks – Custom Post Type listing block (CVE-2025-5940) , Jun 27, 2025