cleantalk
Vulnerabilities and Security Researches

WishSuite – Wishlist for WooCommerce, CVE-2025-30820

CVE, Research URL

CVE-2025-30820

Home page URL

Security reports for WishSuite – Wishlist for WooCommerce

Application

WishSuite – Wishlist for WooCommerce

Published on
Mar 27, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in HT Plugins WishSuite allows PHP Local File Inclusion. This issue affects WishSuite: from n/a through 1.4.4.
Affected versions
Min -, max 1.4.5.
Status
vulnerable
Previous vulnerability researches
Directory Listings WordPress plugin – uListing (CVE-2021-36875) , Jun 07, 2024
Directory Listings WordPress plugin – uListing (CVE-2021-36877) , Jun 07, 2024
Directory Listings WordPress plugin – uListing (CVE-2021-36880) , Jun 07, 2024
Directory Listings WordPress plugin – uListing (CVE-2021-36874) , Jun 07, 2024
Directory Listings WordPress plugin – uListing (CVE-2021-36876) , Jun 07, 2024
New vulnerability
AI Search Bar (CVE-2025-31563) , Apr 04, 2025
Ship Per Product (CVE-2025-31773) , Apr 04, 2025
ContentBot AI Writer (ChatGPT, GPT3, GPT4) (CVE-2025-31818) , Apr 04, 2025
Oracle Cards Lite (CVE-2025-30852) , Apr 04, 2025
SCSS WP Editor (CVE-2025-31808) , Apr 04, 2025