2 matches found
CVE-2025-12375
CVE-2025-12375 refers to a Server-Side Request Forgery in the Printful Integration for WooCommerce plugin for WordPress. The vulnerability exists in all versions up to and including 2.2.11 and is triggered via the advanced size chart REST API endpoint, due to insufficient validation of user-suppl...
CVE-2025-12375 Printful Integration for WooCommerce <= 2.2.11 - Authenticated (Contributor+) Server-Side Request Forgery
The Printful Integration for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.11 via the advanced size chart REST API endpoint. This is due to insufficient validation of user-supplied URLs before passing them to the downloadur...