
48 matches found

Nuclei
added yesterday, 37 views

WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection

WordPress TI WooCommerce Wishlist plugin before 1.40.1 contains a SQL injection vulnerability. The plugin does not sanitize and escape the itemid parameter before using it in a SQL statement via the wishlist/removeproduct REST endpoint. id: CVE-2022-0412 info: name: WordPress TI WooCommerce...

9.8 CVSS, 7.9 AI score, 0.85862 EPSS
Exploits 2, References 5
RedhatCVE
added 2026/01/09 10:45 a.m., 6 views

CVE-2022-0412

The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the itemid parameter before using it in a SQL statement via the wishlist/removeproduct REST endpoint, allowing unauthenticated attackers to perform SQL...

9.8 CVSS, 7.5 AI score, 0.85862 EPSS
Exploits 2, References 1
Vulnrichment
added 2025/12/16 8:12 a.m., 1 views

CVE-2025-67929 WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TI WooCommerce Wishlist: from n/a through <= 2.10.0...

5.3 CVSS, 6.6 AI score, 0.00038 EPSS
Exploits 0, References 1
CVE
added 2025/12/16 8:12 a.m., 6 views

CVE-2025-67929

CVE-2025-67929 corresponds to TI WooCommerce Wishlist (templateinvaders)

5.3 CVSS, 6.6 AI score, 0.00038 EPSS
Exploits 0, References 1
CVE
added 2025/12/13 7:21 a.m., 26 views

CVE-2025-9207

CVE-2025-9207 affects the TI WooCommerce Wishlist plugin for WordPress. The vulnerability is an HTML injection flaw present in all versions up to and including 2.10.0, caused by accepting values in hidden inputs without proper validation and outputting them without sanitization. This enables unau...

5.3 CVSS, 6 AI score, 0.00259 EPSS
Exploits 0, References 4
Patchstack
added 2025/12/13 2:39 a.m., 5 views

WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Unauthenticated HTML Injection vulnerability

Unauthenticated HTML Injection vulnerability discovered by pimschaaf - Open Roads in WordPress Plugin TI WooCommerce Wishlist versions <= 2.10.0...

5.3 CVSS, 6.9 AI score, 0.00259 EPSS
Exploits 0, References 1, Affected Software 1
CNNVD
added 2025/12/13 12:0 a.m., 3 views

WordPress plugin TI WooCommerce Wishlist input validation error vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. An input...

5.3 CVSS, 6.7 AI score, 0.00259 EPSS
Exploits 0, References 5
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-24167

Malware in sbrugna...

8.8 CVSS, 8 AI score, 0.00734 EPSS
Exploits 1, References 5
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-15720

Malicious code in bioql PyPI...

6.5 CVSS, 7.2 AI score, 0.00143 EPSS
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-15805

Malicious code in bioql PyPI...

10 CVSS, 8.7 AI score, 0.33418 EPSS
Exploits 2, References 2
Patchstack
added 2025/09/22 6:48 p.m., 3 views

WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by PARIMAL NA in WordPress Plugin TI WooCommerce Wishlist versions <= 2.10.0...

5.3 CVSS, 6.8 AI score, 0.00057 EPSS
Exploits 0, Affected Software 1
CVE
added 2025/09/22 6:23 p.m., 9 views

CVE-2025-58247

Technical details about CVE-2025-58247 are not provided in the supplied documents; monitor for updates.

5.3 CVSS, 5.9 AI score, 0.00057 EPSS
Exploits 0, References 1
CNNVD
added 2025/09/22 12:0 a.m., 2 views

WordPress plugin TI WooCommerce Wishlist security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...

5.3 CVSS, 6.5 AI score, 0.00057 EPSS
Exploits 0, References 2
GithubExploit
added 2025/06/25 7:54 p.m., 390 views

Exploit for CVE-2025-47577

CVE-2025-47577 A proof of concept developed to exploit CVE-2...

10 CVSS, 7.4 AI score, 0.33418 EPSS
Exploits 2
GithubExploit
added 2025/06/25 7:52 p.m., 267 views

Exploit for SQL Injection in Templateinvaders Ti_Woocommerce_Wishlist

CVE-2024-43917 A proof of concept developed to exploit CVE-2...

9.8 CVSS, 8.2 AI score, 0.89695 EPSS
Exploits 3
BDU FSTEC
added 2025/06/13 12:0 a.m., 1 views

The vulnerability of the TI WooCommerce Wishlist plugin for WordPress content management system allows a hacker to write arbitrary files.

The vulnerability of the TI WooCommerce Wishlist plugin for WordPress content management system is related to the ability to download files of a dangerous type without limitation. Exploiting this vulnerability could allow an attacker to write arbitrary files...

10 CVSS, 8.2 AI score, 0.33418 EPSS
Exploits 2, References 2, Affected Software 1
GithubExploit
added 2025/05/30 6:55 p.m., 481 views

Exploit for CVE-2025-47577

PoC exploit for CVE-2025-47577, an arbitrary file upload vulnera...

10 CVSS, 9.1 AI score, 0.33418 EPSS
Exploits 2
The Hacker News
added 2025/05/29 5:34 a.m., 31 views

Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin

Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files. TI WooCommerce Wishlist, which has over 100,000 active installations, is a tool to all...

10 CVSS, 8 AI score, 0.33418 EPSS
Exploits 2
Positive Technologies
added 2025/05/27 12:0 a.m., 6 views

PT-2025-23026

Double unlock in x86 guest IRQ handling. CVE-2024-31143 Xapi: Metadata injection attack against backup/restore functionality. CVE-2024-31144 Error handling in x86 IOMMU identity mapping. CVE-2024-31145 PCI device pass-through with shared resources. CVE-2024-31146 x86: Deadlock in vlapic error...

9.8 CVSS, 7.8 AI score, 0.00568 EPSS
Exploits 0, References 29
RedhatCVE
added 2025/05/21 4:39 p.m., 8 views

CVE-2025-32920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce-wishlist allows Stored XSS. This issue affects TI WooCommerce Wishlist: from n/a through <= 2.10.0...

6.5 CVSS, 7.2 AI score, 0.00143 EPSS
Exploits 0, References 1