Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

wishlist vulnerabilities and exploits

(subscribe to this query)
3.5
CVSSv2

CVE-2015-3357

Cross-site scripting (XSS) vulnerability in the Wishlist module prior to 6.x-2.7 and 7.x-2.x prior to 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject arbitrary web script or HTML via unspecified vectors, which are no...
Wishlist Project WishlistWishlist Project Wishlist 7.x-2.5Wishlist Project Wishlist 7.x-2.6Wishlist Project Wishlist 7.x-2.x-dev
5.8
CVSSv2

CVE-2015-3354

Cross-site request forgery (CSRF) vulnerability in the Wishlist module prior to 6.x-2.7 and 7.x-2.x prior to 7.x-2.7 for Drupal allows remote malicious users to hijack the authentication of arbitrary users for requests that delete wishlist purchase intentions via unspecified vect...
Wishlist Project WishlistWishlist Project Wishlist 7.x-2.5Wishlist Project Wishlist 7.x-2.6Wishlist Project Wishlist 7.x-2.x-dev
9.8
CVSSv3

CVE-2024-37112

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Membership Software WishList Member X.This issue affects WishList Member X: from n/a prior to 3.26.7.
Wishlist Member Wishlist Member
6.8
CVSSv2

CVE-2012-2069

Cross-site request forgery (CSRF) vulnerability in the Wishlist module 6.x-2.x prior to 6.x-2.6 and 7.x-2.x prior to 7.x-2.6 for Drupal allows remote malicious users to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences via ...
Mclewin Wishlist 6.x-2.1Mclewin Wishlist 6.x-2.2Mclewin Wishlist 6.x-2.4Mclewin Wishlist 7.x-2.5Mclewin Wishlist 7.x-2.x
8.1
CVSSv3

CVE-2020-36725

The TI WooCommerce Wishlist and TI WooCommerce Wishlist Pro plugins for WordPress are vulnerable to an Options Change vulnerability in versions up to, and including, 1.21.11 and 1.21.4 via the 'ti-woocommerce-wishlist/includes/export.class.php' file. This makes it possi...
Templateinvaders Ti Woocommerce WishlistTemplateinvaders Ti Woocommerce Wishlist Pro
8.8
CVSSv3

CVE-2024-37109

Improper Control of Generation of Code ('Code Injection') vulnerability in Membership Software WishList Member X allows Code Injection.This issue affects WishList Member X: from n/a prior to 3.26.7.
Wishlistmember Wishlist Member
5.3
CVSSv3

CVE-2024-34819

Missing Authorization vulnerability in MoreConvert MC Woocommerce Wishlist.This issue affects MC Woocommerce Wishlist: from n/a up to and including 1.7.2.
Moreconvert Woocommerce Wishlist
9.8
CVSSv3

CVE-2024-43917

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows SQL Injection.This issue affects TI WooCommerce Wishlist: from n/a up to and including 2.8.2.
Templateinvaders Ti Woocommerce Wishlist
8.8
CVSSv3

CVE-2024-37107

Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation.This issue affects WishList Member X: from n/a prior to 3.26.7.
Wishlistmember Wishlist Member X
7.5
CVSSv3

CVE-2024-37111

Missing Authorization vulnerability in Membership Software WishList Member X.This issue affects WishList Member X: from n/a prior to 3.26.7.
Wishlistmember Wishlist Member X
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
XXECVE-2025-31334CVE-2025-22457berocketrollbarCVE-2025-32269CVE-2025-3268kenj frog 肯尼基蛙memory leakCVE-2025-32253CVE-2025-32273code injectionadministrator z
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook