CVE-2025-48122 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light SQL Injection Vulnerability

June 9, 2025

CVE ID : CVE-2025-48122

Published : June 9, 2025, 4:15 p.m. | 5 hours, 14 minutes ago

Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows SQL Injection. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37.

Severity: 9.3 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48123 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Code Injection Vulnerability

Next Article CVE-2025-47651 – Infility Global SQL Injection

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

CodeSOD: A Real POS Report

Decoding The SVG path Element: Line Commands

Apple doesn’t need better AI as much as AI needs Apple to bring its A-game

DistroWatch Weekly, Issue 1125

Motion Highlights #9

The 2025 Wholesome Direct was chock-full of cozy casual games and aesthetic vibes

GuacPanel

GuacPanel

FilamentExamples.com: Our Demo-Projects and Tutorials on Filament

Laravel Migration With Schema Validation in MongoDB

Raspberry Pi 5 Desktop Mini PC: Installing Software

Raspberry Pi 5 Desktop Mini PC: Installing Software

SmartOS – Type 1 Hypervisor platform based on illumos

Karakeep is a self-hostable bookmark-everything app

CVE-2025-48122 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light SQL Injection Vulnerability

CVE-2025-47651 – Infility Global SQL Injection

CVE-2025-48123 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Code Injection Vulnerability

CVE-2025-1137 – IBM Storage Scale Command Injection Vulnerability

CVE-2025-5419 Zero-Day Vulnerability in Chrome’s V8 Engine

Meta AI Introduces Collaborative Reasoner (Coral): An AI Framework Specifically Designed to Evaluate and Enhance Collaborative Reasoning Skills in LLMs

UniTaskerPro

DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack

Il kernel Linux 6.13 ha raggiunto la fine del suo ciclo di supporto: è tempo di aggiornare alla versione 6.14

Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise

Critical vulnerability in SAP NetWeaver enables malicious file uploads

CVE-2025-48122 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light SQL Injection Vulnerability

Related Posts