Lucene search
K

175 matches found

NVD
NVD
added 10 hours ago2 views

CVE-2026-57356

Unauthenticated Cross Site Scripting XSS in MC Woocommerce Wishlist = 1.9.19 versions...

7.1CVSS
Exploits0References1
Cvelist
Cvelist
added 11 hours ago5 views

CVE-2026-57356 WordPress MC Woocommerce Wishlist plugin <= 1.9.19 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in MC Woocommerce Wishlist = 1.9.19 versions...

7.1CVSS
Exploits0References1
CVE
CVE
added 11 hours ago3 views

CVE-2026-57356

CVE-2026-57356 is an unauthenticated Cross Site Scripting (XSS) vulnerability affecting the WordPress MC Woocommerce Wishlist plugin version ≤ 1.9.19. The issue, identified in the CVE record, does not specify exploitation status or a confirmed fix within the provided documents. The CVSS base scor...

7.1CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added 11 hours ago3 views

EUVD-2026-41355

Unauthenticated Cross Site Scripting XSS in MC Woocommerce Wishlist = 1.9.19 versions...

7.1CVSS5.8AI score
Exploits0References1
Nuclei
Nuclei
added 13 hours ago19 views

TI WooCommerce Wishlist <= 2.9.2 - Arbitrary File Upload

TemplateInvaders TI WooCommerce Wishlist = 2.10.0 contains an unrestricted file upload vulnerability caused by lack of proper file type validation, letting attackers upload web shells to the server, exploit requires no special privileges. id: CVE-2025-47577 info: name: TI WooCommerce Wishlist =...

10CVSS7.6AI score0.04913EPSS
Exploits2References3
Nuclei
Nuclei
added 13 hours ago38 views

WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection

WordPress TI WooCommerce Wishlist plugin before 1.40.1 contains a SQL injection vulnerability. The plugin does not sanitize and escape the itemid parameter before using it in a SQL statement via the wishlist/removeproduct REST endpoint. id: CVE-2022-0412 info: name: WordPress TI WooCommerce...

9.8CVSS7.3AI score0.7458EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.8 views

CVE-2026-4432

The YITH WooCommerce Wishlist WordPress plugin before 4.13.0 does not properly validate wishlist ownership in the savetitle AJAX handler before allowing wishlist renaming operations. The function only checks for a valid nonce, which is publicly exposed in the page source of the /wishlist/ page,...

6.5CVSS5.5AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.10 views

CVE-2026-27329

Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooCommerce Wishlist: from n/a through 4.12.0...

5.3CVSS5.4AI score0.00315EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/07 9:31 a.m.18 views

EUVD-2026-28334

Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooCommerce Wishlist: from n/a through 4.12.0...

5.3CVSS5.8AI score0.00315EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 7:35 a.m.4 views

CVE-2026-27329

Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooCommerce Wishlist: from n/a through 4.12.0...

5.3CVSS5.8AI score0.00315EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/07 7:35 a.m.36 views

CVE-2026-27329 WordPress YITH WooCommerce Wishlist plugin <= 4.12.0 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooCommerce Wishlist: from n/a through 4.12.0...

5.3CVSS0.00315EPSS
Exploits0References1
CVE
CVE
added 2026/05/07 7:35 a.m.17 views

CVE-2026-27329

The CVE concerns WordPress YITH WooCommerce Wishlist plugin (versions

5.3CVSS5.8AI score0.00315EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/07 7:35 a.m.7 views

CVE-2026-27329 WordPress YITH WooCommerce Wishlist plugin <= 4.12.0 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooCommerce Wishlist: from n/a through 4.12.0...

5.3CVSS5.8AI score0.00315EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/07 7:34 a.m.9 views

WordPress YITH WooCommerce Wishlist plugin <= 4.12.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by PPzzAArr in WordPress Plugin YITH WooCommerce Wishlist versions = 4.12.0...

5.3CVSS5.8AI score0.00315EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.14 views

PT-2026-38357

Name of the Vulnerable Software and Affected Versions YITH WooCommerce Wishlist versions prior to 4.12.0 Description An authorization bypass exists due to a user-controlled key, which allows for the exploitation of incorrectly configured access control security levels. Recommendations Update to a...

5.3CVSS5.8AI score0.00315EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.11 views

WordPress plugin YITH WooCommerce Wishlist 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.3CVSS5.8AI score0.00315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.7 views

CVE-2026-32407

Missing Authorization vulnerability in WPClever WPC Smart Wishlist for WooCommerce woo-smart-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Smart Wishlist for WooCommerce: from n/a through = 5.0.8...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.5 views

WordPress plugin WPC Smart Wishlist for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 7:30 p.m.4 views

CVE-2025-68024

Missing Authorization vulnerability in Addonify Addonify – WooCommerce Wishlist addonify-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – WooCommerce Wishlist: from n/a through = 2.0.15...

6.5CVSS5.5AI score0.00245EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.3 views

CVE-2025-68024

Missing Authorization vulnerability in Addonify Addonify – WooCommerce Wishlist addonify-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – WooCommerce Wishlist: from n/a through = 2.0.15...

6.5CVSS0.00245EPSS
Exploits0References1
Rows per page
Query Builder