ThreatPress

WordPress Vulnerability Database

Back

WordPress TI WooCommerce Wishlist Premium plugin <= 1.21.4 - Authenticated WP Options Change vulnerability

Product
TI WooCommerce Wishlist Premium
Description
Authenticated WP Options Change vulnerability found by Jerome Bruandet (NinTechNet) in WordPress TI WooCommerce Wishlist Premium plugin (versions <= 1.21.4).
Solution
Update the WordPress TI WooCommerce Wishlist Premium plugin to the latest available version (at least 1.21.5).
Classification
Type Unknown
OWASP Top 10 A7: Missing Function Level Access Control
References
Vulnerability details
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.21.4
Fixed In 1.21.5
Disclosure date
2020-10-16
Credits
Jerome Bruandet (NinTechNet)