VYPR

Woo Smart Wishlist

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-11518MedOct 11, 2025
    risk 0.34cvss 5.3epss 0.00

    The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.3 via several wishlist AJAX functions due to missing validation on a user controlled key that is exposed when wishlists are…

  • CVE-2025-11742MedOct 18, 2025
    risk 0.28cvss 4.3epss 0.00

    The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wishlist_quickview' AJAX action in all versions up to, and including, 5.0.4. This makes it possible for authenticated attackers,…