cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9156,https://securityvulnerability.io/vulnerability/CVE-2024-9156,WooCommerce Wishlist Plugin Vulnerable to SQL Injection,"The TI WooCommerce Wishlist WordPress plugin up to version 2.8.2 is susceptible to SQL Injection due to inadequate escaping of user-supplied parameters and lack of appropriate preparation for the existing SQL query. This vulnerability enables unauthenticated attackers to include additional SQL queries into existing ones, thereby compromising the database's integrity and potentially exposing sensitive information. Ensuring proper input validation and query preparation is crucial for mitigating such risks.",Wordpress,Ti WooCommerce Wishlist,7.5,HIGH,0.0008399999933317304,false,,false,false,true,true,false,false,2024-10-10T06:00:03.691Z,0
CVE-2020-36725,https://securityvulnerability.io/vulnerability/CVE-2020-36725,Options Change Vulnerability in TI WooCommerce Wishlist Plugin for WordPress,"The TI WooCommerce Wishlist and TI WooCommerce Wishlist Pro plugins for WordPress have a vulnerability that allows authenticated attackers to modify settings due to improper handling in the export class file. This flaw impacts all versions up to 1.21.11 and 1.21.4, granting unauthorized access to settings and configurations, which could severely compromise the security of affected WordPress sites.",Wordpress,"Ti WooCommerce Wishlist,Ti WooCommerce Wishlist Pro",8.8,HIGH,0.0014100000262260437,false,,false,false,false,,false,false,2023-06-07T01:51:45.136Z,0
CVE-2022-0412,https://securityvulnerability.io/vulnerability/CVE-2022-0412,TI WooCommerce Wishlist < 1.40.1 - Unauthenticated Blind SQL Injection,"The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks",Wordpress,"TI WooCommerce Wishlist,TI WooCommerce Wishlist Pro",9.8,CRITICAL,0.02078999951481819,false,,false,false,true,true,false,false,2022-02-28T09:06:56.000Z,0