Pickplugins Wishlist
6 CVEs affecting Pickplugins Wishlist. Latest disclosed: 2025-06-06. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-32618 | High | 8.5 | 2025-04-11 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist wishlist allows SQL Injection.This i… |
CVE-2025-26915 | High | 8.5 | 2025-02-25 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist wishlist allows SQL Injection.This i… |
CVE-2025-24655 | High | 7.1 | 2025-04-17 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist wishlist allows Reflected XSS.This i… |
CVE-2025-49075 | Medium | 6.5 | 2025-06-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist wishlist allows Stored XSS.This issu… |
CVE-2024-12809 | Medium | 6.4 | 2025-03-07 | The Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wishlist_button' shortcode in all versions up to, and includin… |
CVE-2025-32272 | Medium | 4.3 | 2025-04-04 | Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Wishlist wishlist allows Cross Site Request Forgery.This issue affects Wishlist: from n/a throug… |