Filtered by vendor Premmerce Subscriptions
Filtered by product Wishlist For Woocommerce Subscriptions

Search

Switch to Advanced Search (Beta)
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-13440 2 Premmerce, Wordpress 2 Wishlist For Woocommerce, Wordpress 2025-12-12 5.3 Medium
The Premmerce Wishlist for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.10. This is due to a missing capability check on the deleteWishlist() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary wishlists.
CVE-2025-60191 3 Premmerce, Woocommerce, Wordpress 3 Wishlist For Woocommerce, Woocommerce, Wordpress 2025-11-13 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wishlist for WooCommerce premmerce-woocommerce-wishlist allows PHP Local File Inclusion.This issue affects Premmerce Wishlist for WooCommerce: from n/a through <= 1.1.10.