CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30879 – WordPress MC Woocommerce Wishlist plugin <= 1.8.9 - SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2025-30879
27 Mar 2025 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in moreconvert MC Woocommerce Wishlist allows SQL Injection. This issue affects MC Woocommerce Wishlist: from n/a through 1.8.9. The MC Woocommerce Wishlist plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.8.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated a... • https://patchstack.com/database/wordpress/plugin/smart-wishlist-for-more-convert/vulnerability/wordpress-mc-woocommerce-wishlist-plugin-1-8-9-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34813 – WordPress WooCommerce Wishlist plugin <= 1.7.8 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-34813
09 May 2024 — Missing Authorization vulnerability in MoreConvert MC Woocommerce Wishlist.This issue affects MC Woocommerce Wishlist: from n/a through 1.7.8. Vulnerabilidad de autorización faltante en MoreConvert MC Woocommerce Wishlist. Este problema afecta a MC Woocommerce Wishlist: desde n/a hasta 1.7.8. The MC Woocommerce Wishlist plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_item() function in versions up to, and including, 1.7.8. This makes it... • https://patchstack.com/database/vulnerability/smart-wishlist-for-more-convert/wordpress-woocommerce-wishlist-plugin-1-7-8-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34819 – WordPress MC Woocommerce Wishlist plugin <= 1.7.2 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-34819
09 May 2024 — Missing Authorization vulnerability in MoreConvert MC Woocommerce Wishlist.This issue affects MC Woocommerce Wishlist: from n/a through 1.7.2. Vulnerabilidad de autorización faltante en MoreConvert MC Woocommerce Wishlist. Este problema afecta a MC Woocommerce Wishlist: desde n/a hasta 1.7.2. The WooCommerce Wishlist (High customization, fast setup,Free Elementor Wishlist, most features) plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions... • https://patchstack.com/database/vulnerability/smart-wishlist-for-more-convert/wordpress-mc-woocommerce-wishlist-plugin-1-7-2-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •