CVE-2025-48331: WordPress WooCommerce Orders & Customers Exporter <= 5.0 - Sensitive Data Exposure Vulnerability

7.5 CVSS

Description

Insertion of Sensitive Information Into Sent Data vulnerability in Vanquish WooCommerce Orders & Customers Exporter allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Orders & Customers Exporter: from n/a through 5.0.

Classification

CVE ID: CVE-2025-48331

CVSS Base Severity: HIGH

CVSS Base Score: 7.5

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem Types

CWE-201 Insertion of Sensitive Information Into Sent Data

Affected Products

Vendor: Vanquish

Product: WooCommerce Orders & Customers Exporter

References

https://nvd.nist.gov/vuln/detail/CVE-2025-48331
https://patchstack.com/database/wordpress/plugin/woocommerce-orders-customers-exporter/vulnerability/wordpress-woocommerce-orders-customers-exporter-5-0-sensitive-data-exposure-vulnerability?_s_id=cve

Timeline

2025-05-30 15:40:18 UTC
CVE

WordPress WooCommerce Orders & Customers Exporter <= 5.0 - Sensitive Data Exposure Vulnerability