cleantalk
Vulnerabilities and Security Researches

TI WooCommerce Wishlist, CVE-2020-36725

CVE, Research URL

CVE-2020-36725

Home page URL

Security reports for TI WooCommerce Wishlist

Application

TI WooCommerce Wishlist

Published on
Jun 07, 2023
Research Description
The TI WooCommerce Wishlist and TI WooCommerce Wishlist Pro plugins for WordPress are vulnerable to an Options Change vulnerability in versions up to, and including, 1.21.11 and 1.21.4 via the 'ti-woocommerce-wishlist/includes/export.class.php' file. This makes it possible for authenticated attackers to gain otherwise restricted access to the vulnerable blog and update any settings.
Affected versions
Min -, max 1.21.12.
Status
vulnerable
Previous vulnerability researches
TI WooCommerce Wishlist (CVE-2025-32920) , May 20, 2025
TI WooCommerce Wishlist (CVE-2025-47577) , May 20, 2025
TI WooCommerce Wishlist (CVE-2024-10567) , Dec 05, 2024
TI WooCommerce Wishlist (CVE-2024-43917) , Aug 25, 2024
TI WooCommerce Wishlist (CVE-2024-9156) , Oct 11, 2024
New vulnerability
WordPress Gallery Plugin – NextGEN Gallery (CVE-2024-5878) , May 21, 2025
Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin (CVE-2025-48247) , May 21, 2025
Qi Blocks (CVE-2025-1626) , May 21, 2025
Qi Blocks (CVE-2025-1625) , May 21, 2025
Qi Blocks (CVE-2025-1627) , May 21, 2025