cleantalk
Vulnerabilities and Security Researches

Wishlist and Compare for WooCommerce, d16ff76f2758ae5cd2524881fb65080698c295c3

CVE, Research URL

d16ff76f2758ae5cd2524881fb65080698c295c3

Home page URL

Security reports for Wishlist and Compare for WooCommerce

Application

Wishlist and Compare for WooCommerce

Published on
May 08, 2021
Research Description
Wishlist and Compare for WooCommerce [wishlist-and-compare] < 1.0.5 Wishlist and Compare for WooCommerce <= 1.0.4 - Authorization Bypass The Wishlist and Compare for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to edit plugin settings.
Affected versions
Min -, max 1.0.5.
Status
vulnerable
Previous vulnerability researches
Wishlist and Compare for WooCommerce (d16ff76f2758ae5cd2524881fb65080698c295c3) , Jun 07, 2024
New vulnerability
WordPress Job Board and Recruitment Plugin &#8211; JobWP (CVE-2025-2010) , Apr 20, 2025
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025