Filtered by vendor Yithemes Subscriptions
Filtered by product Yith Woocommerce Wishlist Subscriptions

Search

Switch to Advanced Search (Beta)
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-12777 2 Wordpress, Yithemes 2 Wordpress, Yith Woocommerce Wishlist 2025-11-20 5.3 Medium
The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.10.0. This is due to the plugin not properly verifying that a user is authorized to perform actions on the REST API /wp-json/yith/wishlist/v1/lists endpoint (which uses permission_callback => '__return_true') and the AJAX delete_item handler (which only checks nonce validity without verifying object-level authorization). This makes it possible for unauthenticated attackers to disclose wishlist tokens for any user and subsequently delete wishlist items by chaining the REST API authorization bypass with the exposed delete_item nonce on shared wishlist pages and the AJAX handler's missing object-level authorization check.
CVE-2025-12427 2 Wordpress, Yithemes 2 Wordpress, Yith Woocommerce Wishlist 2025-11-20 5.3 Medium
The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.10.0 via the REST API endpoint and AJAX handler due to missing validation on user-controlled keys. This makes it possible for unauthenticated attackers to discover any user's wishlist token ID, and subsequently rename the victim's wishlist without authorization (integrity impact). This can be exploited to target multi-user stores for defacement, social engineering attacks, mass tampering, and profiling at scale.
CVE-2019-16251 1 Yithemes 38 Yith Advanced Refund System For Woocommerce, Yith Color And Label Variations For Woocommerce, Yith Custom Thank You Page For Woocommerce and 35 more 2024-11-21 4.3 Medium
plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.