cleantalk
Vulnerabilities and Security Researches

YITH WooCommerce Wishlist, CVE-2026-27329

CVE, Research URL

CVE-2026-27329

Home page URL

Security reports for YITH WooCommerce Wishlist

Application

YITH WooCommerce Wishlist

Published on
May 07, 2026
Research Description
Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooCommerce Wishlist: from n/a through 4.12.0.
Affected versions
max 4.13.0.
Status
vulnerable
Previous vulnerability researches
Simple GDPR Cookie Compliance (CVE-2026-24604) , Jan 27, 2026
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2019-25143) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (7d5b4ba83a5c6004460bf267fe534a359e1416b0) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2023-4013) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-1621) , Mar 14, 2025
New vulnerability
Auto Thickbox (CVE-2025-2537) , May 09, 2026
Happy Addons for Elementor (CVE-2026-25468) , May 09, 2026
YITH WooCommerce Wishlist (CVE-2026-27329) , May 09, 2026
Royal Elementor Addons and Templates (CVE-2026-27421) , May 08, 2026
Royal Elementor Addons and Templates (CVE-2026-25436) , May 08, 2026