5 matches found
CVE-2024-13774
The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.7. This is due to missing or incorrect nonce validation on the 'savetomultiplewishlist' function. This makes it possible for...
CVE-2024-13774
The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.7. This is due to missing or incorrect nonce validation on the 'savetomultiplewishlist' function. This makes it possible for...
CVE-2024-13774
creationtimestamp| type| source ---|---|--- 2025-03-08 02:35:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6911 2025-03-08 04:29:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljtosh5erf26 2025-03-08 04:37:51+00:00| seen|...
CVE-2024-13774 Wishlist for WooCommerce: Multi Wishlists Per Customer <= 3.1.7 - Cross-Site Request Forgery to Cross-Site Scriping via Wishlist Name
The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.7. This is due to missing or incorrect nonce validation on the 'savetomultiplewishlist' function. This makes it possible for...
CVE-2024-13774 Wishlist for WooCommerce: Multi Wishlists Per Customer <= 3.1.7 - Cross-Site Request Forgery to Cross-Site Scriping via Wishlist Name
The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.7. This is due to missing or incorrect nonce validation on the 'savetomultiplewishlist' function. This makes it possible for...