YITH WooCommerce Wishlist

YITHEMES

Developer

4.11.0

Latest version

500,000

Installations

No date

Last updated

WordPress Plugin

Active VDP

Report vulnerability

Vulnerabilities

Security Policy

Security Contributors

Vulnerability history

0 present

7 fixed

1 Mitigation rules

Unauthenticated Wishlist Token Disclosure to Wishlist Item Deletion vulnerability
<= 4.10.0
Nov 18, 2025
Unauthenticated Insecure Direct Object Reference to Unauthenticated Wishlist Rename vulnerability
<= 4.10.0
Nov 18, 2025
Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability
<= 4.5.0
Jun 17, 2025
Cross Site Scripting (XSS) vulnerability
<= 3.32.0
May 30, 2024
Multiple Cross-Site Request Forgery (CSRF) vulne
<= 3.14.0
Dec 5, 2022
Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability
<= 2.2.13
Oct 31, 2019
Authenticated SQL Injection (SQLi) vulnerability
<= 2.1.2
Jan 17, 2018