CVE-2025-49319
- EPSS 0.06%
- Published 16.07.2025 11:27:59
- Last modified 16.07.2025 14:58:59
Missing Authorization vulnerability in WPFactory Wishlist for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist for WooCommerce: from n/a through 3.2.3.
CVE-2025-48237
- EPSS 0.06%
- Published 19.05.2025 14:44:51
- Last modified 21.05.2025 20:25:33
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Wishlist for WooCommerce allows Stored XSS. This issue affects Wishlist for WooCommerce: from n/a through 3.2.2.
CVE-2024-13774
- EPSS 0.02%
- Published 08.03.2025 03:15:36
- Last modified 12.03.2025 17:01:06
The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.7. This is due to missing or incorrect nonce validation on the 'save_to_multiple_wis...
CVE-2024-10519
- EPSS 1.34%
- Published 23.11.2024 10:15:03
- Last modified 12.07.2025 00:29:04
The Wishlist for WooCommerce: Multi Wishlists Per Customer PRO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wtab' parameter in versions 3.0.8 to 3.1.2 due to insufficient input sanitization and output escaping. This m...