4.3

CVE-2026-24575

WordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerability

WishList Member X <= 3.29.0 - Missing Authorization

Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
Mögliche Gegenmaßnahme
Wishlist Member: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerWishList Member
Produkt WishList Member X
Default Statusunaffected
Version <= 3.29.0
Version n/a
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Weitere Schwachstelleninformationen
SystemWordPress Plugin
Produkt Wishlist Member
Version *-3.29.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.17
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
21595511-bba5-4825-b968-b78d1f9984a3 4.3 0 0
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://patchstack.com/database/wordpress/plugin/wishlist-member-x/vulnerability/wordpress-wishlist-member-x-plugin-3-29-0-broken-access-control-vulnerability?_s_id=cve
vdb-entry
https://www.wordfence.com/threat-intel/vulnerabilities/id/961b9872-e602-49a7-a11a-566f3cd4bd0a
Third Party Advisory