CVE-2025-12584 – Quick View for WooCommerce

CVE ID : CVE-2025-12584

Published : Nov. 27, 2025, 9:27 a.m. | 56 minutes ago

Description : The Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.17 via the ‘wqv_popup_content’ AJAX endpoint due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers to extract data from private products that they should not have access to.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-54057 – Apache SkyWalking: Stored XSS vulnerability

CVE-2025-59302 – Apache CloudStack: Potential remote code execution on Javascript engine defined rules

CVE-2025-59454 – Apache CloudStack: Lack of user permission validation leading to data leak for few APIs

CVE-2025-59890 – Eaton Galileo Local File Inclusion Vulnerability