CVE-2025-13157 | QODE Wishlist for WooCommerce Plugin up to 1.2.7 on WordPress resource injection

Inserito da Angelo Barbosa | Nov 26, 2025 | CVE

A vulnerability marked as critical has been reported in QODE Wishlist for WooCommerce Plugin up to 1.2.7 on WordPress. This issue affects the function qode_wishlist_for_woocommerce_wishlist_table_item_callback. Performing manipulation results in improper control of resource identifiers.

This vulnerability is known as CVE-2025-13157. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-13157 | QODE Wishlist for WooCommerce Plugin up to 1.2.7 on WordPress resource injection

Post correlati

CVE-2024-56966 | Qidian Reader 5.9.384 on iOS Link information disclosure

CVE-2025-1094 | PostgreSQL up to 13.18/14.15/15.10/16.6/17.2 quoting syntax

CVE-2024-4610 | Arm Bifrost GPU Kernel Driver up to r40p0 use after free

CVE-2025-5347 | Zoho ManageEngine Exchange Reporter Plus up to 5722 Reports cross site scripting