Security Flaws in eMagicOne Store Manager for WooCommerce in WordPress (CVE-2025-5058 and CVE-2025-4603)
The eMagicOne Store Manager for WooCommerce plugin is used in WordPress to simplify and improve store management by providing functionality not found in the normal WooCommerce admin interface.
Two serious flaws, CVE-2025-5058 and CVE-2025-4603, were found in the eMagicOne Store Manager for WooCommerce WordPress plugin, possessing a critical CVSS score of more than 9. Only in certain situations, such as default configurations with a 1:1 password or if the attacker manages to gain legitimate credentials, can the attacker accomplish remote code execution.
Affected Versions:
- eMagicOne Store Manager for WooCommerce <= 2.5
To read the complete article, see: Seqrite Blog
This post is licensed under CC BY 4.0 by the author.