cleantalk
Vulnerabilities and Security Researches

Wishlist and Compare for WooCommerce, ad09a648-3c34-4870-b156-097af4fd7a57

CVE, Research URL

ad09a648-3c34-4870-b156-097af4fd7a57

Home page URL

Security reports for Wishlist and Compare for WooCommerce

Application

Wishlist and Compare for WooCommerce

Published on
-
Research Description
Wishlist and Compare for WooCommerce [wishlist-and-compare] < 1.0.5 ThemeHigh WooCommerce Wishlist and Comparison &lt; 1.0.5 - Unauthorised AJAX call Some AJAX actions did not have proper CSRF and authorisation checks, allowing unauthorised call either via unauthenticated/low privilege users or CSRF, which could allow attackers to reset or change the settings of the plugin for example
Affected versions
max 1.0.5.
Status
vulnerable
Previous vulnerability researches
My auctions allegro (CVE-2025-27009) , Apr 16, 2025
My auctions allegro (CVE-2024-11707) , Dec 06, 2024
My auctions allegro (CVE-2025-68567) , Jan 10, 2026
My auctions allegro (CVE-2025-68566) , Jan 10, 2026
My auctions allegro (CVE-2025-12851) , Dec 10, 2025
New vulnerability
MapifyLite (by MapifyPro) (6be590d56cf666ad67a6e008b71242e607d966ea) , Jun 16, 2026
MapifyLite (by MapifyPro) (e5bfd53d-0d9a-42f2-8af8-5bb710bac828) , Jun 16, 2026
Posts List Designer by Category &#8211; List Category Posts Or Recent Posts (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Posts List Designer by Category &#8211; List Category Posts Or Recent Posts (e7273a52d37b10c428e20c81e144ab0d172f52c8) , Jun 16, 2026
Stock Sync for WooCommerce (32b464c34b74a892762f56ea6c130c4a35d34abe) , Jun 16, 2026