CVE-2025-48123 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Code Injection Vulnerability

June 9, 2025

CVE ID : CVE-2025-48123

Published : June 9, 2025, 4:15 p.m. | 5 hours, 14 minutes ago

Description : Improper Control of Generation of Code (‘Code Injection’) vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Code Injection. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48125 – WP Event Manager PHP Remote File Inclusion Vulnerability

Next Article CVE-2025-48122 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light SQL Injection Vulnerability

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

‘Job Hugging’ Trend Emerges as Workers Confront AI Uncertainty

Distribution Release: MocaccinoOS 25.09

Composition in CSS

DataCrunch raises €55M to boost EU AI sovereignty with green cloud infrastructure

Finally, safe array methods in JavaScript

Finally, safe array methods in JavaScript

Perficient Interviewed for Forrester Report on AI’s Transformative Role in DXPs

Perficient’s “What If? So What?” Podcast Wins Gold Stevie® Award for Technology Podcast

Distribution Release: MocaccinoOS 25.09

Distribution Release: MocaccinoOS 25.09

Speed Isn’t Everything When Buying SSDs – Here’s What Really Matters!

14 Themes for Beautifying Your Ghostty Terminal

CVE-2025-48123 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Code Injection Vulnerability

Qantas Airways Slashes CEO Bonus After Cyberattack Exposes 5.7 Million Customers

UAE Cyber Security Council Flags 70% Smart Home Devices as Vulnerable

This iOS 26 feature makes the iPhone 17 Air a more reasonable upgrade for me

Rilasciata Fedora Linux 42: la risposta a tutto con GNOME 48 e innovazioni per tutti gli utenti

Understanding the code modernization conundrum

What Is Cloud Computing?

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

CVE-2025-6970 – WordPress Events Manager SQL Injection

Ghost of Yotei Devs Sucker Punch REVEAL The Mystery Behind Capturing Japan’s Changing Seasons

CVE-2025-48123 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Code Injection Vulnerability

Related Posts