CVE-2025-48123 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Code Injection Vulnerability

June 9, 2025

CVE ID : CVE-2025-48123

Published : June 9, 2025, 4:15 p.m. | 5 hours, 14 minutes ago

Description : Improper Control of Generation of Code (‘Code Injection’) vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Code Injection. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48125 – WP Event Manager PHP Remote File Inclusion Vulnerability

Next Article CVE-2025-48122 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light SQL Injection Vulnerability

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

CodeSOD: A Real POS Report

Decoding The SVG path Element: Line Commands

Apple doesn’t need better AI as much as AI needs Apple to bring its A-game

DistroWatch Weekly, Issue 1125

Motion Highlights #9

The 2025 Wholesome Direct was chock-full of cozy casual games and aesthetic vibes

GuacPanel

GuacPanel

FilamentExamples.com: Our Demo-Projects and Tutorials on Filament

Laravel Migration With Schema Validation in MongoDB

Raspberry Pi 5 Desktop Mini PC: Installing Software

Raspberry Pi 5 Desktop Mini PC: Installing Software

SmartOS – Type 1 Hypervisor platform based on illumos

Karakeep is a self-hostable bookmark-everything app

CVE-2025-48123 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Code Injection Vulnerability

CVE-2025-47651 – Infility Global SQL Injection

CVE-2025-48122 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light SQL Injection Vulnerability

How to Build a Testing Framework for E-Commerce Checkout and Payments

JustDD is a USB Image Writer

CVE-2025-40906 – MongoDB BSON Serialization BSON::XS Multiple Vulnerabilities

Microsoft celebrates 50th anniversary with a new Xbox Dynamic Background and more

Best USB WiFi Adapter For Kali Linux 2025 [Updated March]

MLOps vs DevOps: Unifying AI and Software Development

CVE-2025-35008 – Microhard BulletLTE-NA2/IPn4Gii-NA2 Command Injection Vulnerability

Here’s how to get a free iPhone 16 Pro from T-Mobile with no trade-in required

CVE-2025-48123 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Code Injection Vulnerability

Related Posts