GCVE - cpe:2.3:a:wpfactory:wishlist_for_woocommerce:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:wpfactory:wishlist_for_woocommerce:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Wpfactory (`5fbbc6ad-468c-5353-925f-7ba5e8eccdf5`)
Product	Wishlist For Woocommerce (`7535139a-cab1-5cca-89fe-b16e4b0d3fdf`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-69334`	vulnerable	2026-06-03 15:11:04.980673	WordPress Wishlist for WooCommerce plugin <= 3.3.0 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Wishlist for WooCommerce wish-list-for-woocommerce allows Stored XSS.This issue affects Wishlist for WooCommerce: from n/a through <= 3.3.0. Published: 2026-01-06T16:36:38.389Z Updated: 2026-04-28T20:53:36.781Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/wish-list-for-woocommerce/vulnerability/wordpress-wishlist-for-woocommerce-plugin-3-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-49319`	vulnerable	2026-06-03 15:01:44.472177	WordPress Wishlist for WooCommerce <= 3.2.3 - Broken Access Control Vulnerability MEDIUM (6.5) Missing Authorization vulnerability in WPFactory Wishlist for WooCommerce wish-list-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wishlist for WooCommerce: from n/a through <= 3.2.3. Published: 2025-07-16T11:27:59.235Z Updated: 2026-04-28T16:13:00.836Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/wish-list-for-woocommerce/vulnerability/wordpress-wishlist-for-woocommerce-3-2-3-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-48237`	vulnerable	2026-06-03 15:01:34.293262	WordPress Wishlist for WooCommerce plugin <= 3.2.2 - Cross Site Scripting (XSS) Vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Wishlist for WooCommerce wish-list-for-woocommerce allows Stored XSS.This issue affects Wishlist for WooCommerce: from n/a through <= 3.2.2. Published: 2025-05-19T14:44:51.776Z Updated: 2026-04-28T16:12:53.418Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/wish-list-for-woocommerce/vulnerability/wordpress-wishlist-for-woocommerce-3-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-56228`	vulnerable	2026-06-03 14:57:42.699496	WordPress Wishlist for WooCommerce: Multi Wishlists Per Customer plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability HIGH (7.1) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Wishlist for WooCommerce wish-list-for-woocommerce.This issue affects Wishlist for WooCommerce: from n/a through <= 3.1.2. Published: 2024-12-31T10:28:22.918Z Updated: 2026-04-28T16:10:55.351Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/wish-list-for-woocommerce/vulnerability/wordpress-wishlist-for-woocommerce-multi-wishlists-per-customer-plugin-3-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.