cleantalk
Vulnerabilities and Security Researches

Wishlist for WooCommerce, CVE-2025-24657

CVE, Research URL

CVE-2025-24657

Home page URL

Security reports for Wishlist for WooCommerce

Application

Wishlist for WooCommerce

Published on
Jan 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee Wishlist for WooCommerce allows Stored XSS. This issue affects Wishlist for WooCommerce: from n/a through 2.1.2.
Affected versions
Min -, max 2.1.3.
Status
vulnerable
Previous vulnerability researches
Wishlist for WooCommerce (CVE-2025-24657) , Jan 26, 2025
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025