CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection

WordPress TI WooCommerce Wishlist plugin before 1.40.1 contains a SQL injection vulnerability. The plugin does not sanitize and escape the itemid parameter before using it in a SQL statement via the wishlist/removeproduct REST endpoint. id: CVE-2022-0412 info: name: WordPress TI WooCommerce...

9.8CVSS7.3AI score0.7458EPSS

Exploits2References5

Vulnrichment•added 2025/12/16 8:12 a.m.•2 views

CVE-2025-67929 WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TI WooCommerce Wishlist: from n/a through = 2.10.0...

5.3CVSS6.6AI score0.00228EPSS

Exploits0References1

Cvelist•added 2025/12/16 8:12 a.m.•30 views

CVE-2025-67929 WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerability

5.3CVSS0.00228EPSS

Exploits0References1

Positive Technologies•added 2025/12/16 12:0 a.m.•4 views

PT-2025-51432

Name of the Vulnerable Software and Affected Versions TI WooCommerce Wishlist versions through 2.10.0 Description An authorization issue exists in templateinvaders TI WooCommerce Wishlist, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update T...

5.3CVSS6.6AI score0.00228EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-30570

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00263EPSS

Exploits0References2

NVD•added 2025/09/22 7:16 p.m.•3 views

CVE-2025-58247

5.3CVSS0.00263EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•3 views

CVE-2025-58247 WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerability

5.3CVSS5.9AI score0.00263EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 6:17 p.m.•16 views

CVE-2025-47577

Unrestricted Upload of File with Dangerous Type vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce-wishlist allows Upload a Web Shell to a Web Server.This issue affects TI WooCommerce Wishlist: from n/a through = 2.9.2...

10CVSS7.4AI score0.04913EPSS

Exploits2References1

Positive Technologies•added 2025/05/19 12:0 a.m.•3 views

PT-2025-22016 · Templateinvaders · Ti Woocommerce Wishlist

Name of the Vulnerable Software and Affected Versions: TemplateInvaders TI WooCommerce Wishlist versions through 2.9.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

6.5CVSS6.7AI score0.00218EPSS

Exploits0References5

RedhatCVE•added 2025/02/05 12:28 p.m.•14 views

CVE-2024-43917

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TemplateInvaders TI WooCommerce Wishlist allows SQL Injection.This issue affects TI WooCommerce Wishlist: from n/a through 2.8.2...

9.8CVSS7.5AI score0.21769EPSS

Exploits3

OSV•added 2024/08/29 3:15 p.m.•3 views

CVE-2024-43917

9.8CVSS5.8AI score0.21769EPSS

Exploits3References1

NVD•added 2024/08/29 3:15 p.m.•35 views

CVE-2024-43917

9.8CVSS0.21769EPSS

Exploits3References1

CVE•added 2024/08/29 2:46 p.m.•132 views

CVE-2024-43917

CVE-2024-43917 affects WordPress TI WooCommerce Wishlist plugin versions n/a through 2.8.2 and is a SQL Injection vulnerability. Affected component is the TI WooCommerce Wishlist plugin for WordPress; root cause is improper neutralization of SQL elements, enabling unauthenticated SQL queries. Exp...

9.8CVSS9.8AI score0.21769EPSS

Exploits3References1Affected Software1

Vulnrichment•added 2024/08/29 2:46 p.m.•61 views

CVE-2024-43917 WordPress TI WooCommerce Wishlist plugin <= 2.8.2 - SQL Injection vulnerability

9.3CVSS9.6AI score0.21769EPSS

Exploits3References1