Wpc Smart Wishlist For Woocommerce

wpc_smart_wishlist_for_woocommerce

Vendor: Wpclever • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-34386 1Wpclever 1Wpc Smart Wishlist For Woocommerce Jun 17, 2026 Nov 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin <= 4.7.1 versions.
CVE-2022-1465 1Wpclever 1Wpc Smart Wishlist For Woocommerce Jun 17, 2026 May 16, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.9 does not sanitise and escape a parameter before outputting it back in an attribute via an AJAX action, leading to a Reflected Cross-Site Scripting issu...Show more The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.9 does not sanitise and escape a parameter before outputting it back in an attribute via an AJAX action, leading to a Reflected Cross-Site Scripting issue.Show less
CVE-2022-0397 1Wpclever 1Wpc Smart Wishlist For Woocommerce Jun 17, 2026 Mar 28, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.4 does not sanitise and escape the key parameter before outputting it back in the wishlist_quickview AJAX action's response (available to any authenticat...Show more The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.4 does not sanitise and escape the key parameter before outputting it back in the wishlist_quickview AJAX action's response (available to any authenticated user), leading to a Reflected Cross-Site ScriptingShow less