42 matches found
EUVD-2026-11924
Missing Authorization vulnerability in WPClever WPC Smart Wishlist for WooCommerce woo-smart-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Smart Wishlist for WooCommerce: from n/a through = 5.0.8...
CVE-2026-32407
Missing Authorization vulnerability in WPClever WPC Smart Wishlist for WooCommerce woo-smart-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Smart Wishlist for WooCommerce: from n/a through = 5.0.8...
CVE-2026-32407
Missing Authorization vulnerability in WPClever WPC Smart Wishlist for WooCommerce woo-smart-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Smart Wishlist for WooCommerce: from n/a through = 5.0.8...
CVE-2026-32407
Technical details (affected product, vulnerable component, impact, or remediation) are not publicly provided in the supplied documents; monitor for updates.
CVE-2026-32407 WordPress WPC Smart Wishlist for WooCommerce plugin <= 5.0.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in WPClever WPC Smart Wishlist for WooCommerce woo-smart-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Smart Wishlist for WooCommerce: from n/a through = 5.0.8...
CVE-2022-0397
The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.4 does not sanitise and escape the key parameter before outputting it back in the wishlistquickview AJAX action's response available to any authenticated user, leading to a Reflected Cross-Site Scripting...
CVE-2025-11742 WPC Smart Wishlist for WooCommerce <= 5.0.4 - Missing Authorization to Authenticated (Subscriber+) Information Exposure
The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wishlistquickview' AJAX action in all versions up to, and including, 5.0.4. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-11742
CVE-2025-11742 describes an information exposure in the WordPress plugin WPC Smart Wishlist for WooCommerce (WordPress). The root cause is a missing capability check on the AJAX action wishlist_quickview , affecting all versions up to and including 5.0.4. This allows authenticated users with Subs...
WordPress WPC Smart Wishlist for WooCommerce plugin <= 5.0.4 - Missing Authorization to Authenticated (Subscriber+) Information Exposure vulnerability
Missing Authorization to Authenticated Subscriber+ Information Exposure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin WPC Smart Wishlist for WooCommerce versions = 5.0.4...
WordPress plugin WPC Smart Wishlist for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2025-11518
The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.3 via several wishlist AJAX functions due to missing validation on a user controlled key that is exposed when wishlists are shared. This makes it...
CVE-2025-11518 WPC Smart Wishlist for WooCommerce <= 5.0.3 - Insecure Direct Object Reference to Unauthenticated Wishlist Manipulation
The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.3 via several wishlist AJAX functions due to missing validation on a user controlled key that is exposed when wishlists are shared. This makes it...
WordPress plugin WPC Smart Wishlist for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2022-24769
Malicious code in bioql PyPI...
EUVD-2022-15543
Malicious code in bioql PyPI...
CVE-2023-34386
Cross-Site Request Forgery CSRF vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin = 4.7.1 versions...
CVE-2022-1465
The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.9 does not sanitise and escape a parameter before outputting it back in an attribute via an AJAX action, leading to a Reflected Cross-Site Scripting issue...
WordPress WPC Smart Wishlist for WooCommerce Plugin < 4.7.2 CSRF Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpclever:wpcsmartwishlistforwoocommerce"; ifdescription...
CVE-2023-34386
A vulnerability in WPClever WPC Smart Wishlist for WooCommerce woo-smart-wishlist.This issue affects WPC Smart Wishlist for WooCommerce: from n/a through = 4.7.1...
CVE-2023-34386
Cross-Site Request Forgery CSRF vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin = 4.7.1 versions...