CVE-2025-48129 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Privilege Escalation Vulnerability

June 9, 2025

CVE ID : CVE-2025-48129

Published : June 9, 2025, 4:15 p.m. | 25 minutes ago

Description : Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light allows Privilege Escalation. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48130 – Spice Blocks Path Traversal Vulnerability

Next Article CVE-2025-48126 – g5theme Essential Real Estate PHP Remote File Inclusion Vulnerability

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-48129 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Privilege Escalation Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

More From Our Main Blog: The Good, the Bad and the Ugly in Cybersecurity – Week 24

CVE-2024-44906 – Uptrace PGDriver SQL Injection Vulnerability

Elden Ring Nightreign Night Aspect: How to beat Heolstor the Nightlord, the final boss

Securing the Future: Best Practices for Data Privacy in AI Projects🔐

Apple Backports Zero-Day Patches to Older Devices in Latest Security Update

Orca Security announces new solution for scanning Bitbucket repositories for security issues

CVE-2025-46552 – GitHub KHC-INVITATION-AUTOMATION Unauthenticated User Data Disclosure

CVE-2025-44091 – Yangyouwang Crud XSS

CVE-2025-4026 – PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability

CVE-2025-48129 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Privilege Escalation Vulnerability

Related Posts