YITH WooCommerce Wishlist

YITHEMES

Developer

4.14.0

Latest version

500,000

Installations

No date

Last updated

WordPress Plugin

Active VDP

Report vulnerability

Vulnerabilities

Security Policy

Security Contributors

Vulnerability history

0 present

7 patched

1 Mitigation rules

Unauthenticated Wishlist Token Disclosure to Wishlist Item Deletion vulnerability
<= 4.10.0
18/11/2025
Unauthenticated Insecure Direct Object Reference to Unauthenticated Wishlist Rename vulnerability
<= 4.10.0
18/11/2025
Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability
<= 4.5.0
17/06/2025
Cross Site Scripting (XSS) vulnerability
<= 3.32.0
30/05/2024
Multiple Cross-Site Request Forgery (CSRF) vulne
<= 3.14.0
05/12/2022
Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability
<= 2.2.13
31/10/2019
Authenticated SQL Injection (SQLi) vulnerability
<= 2.1.2
17/01/2018