Access Control Flaw in TI WooCommerce Wishlist by TemplateInvaders
CVE-2025-67929

Currently unrated

Key Information:

Vendor

WordPress
Status
Ti WooCommerce Wishlist
Vendor
CVE Published:
16 December 2025

What is CVE-2025-67929?

A vulnerability has been identified in the TI WooCommerce Wishlist plugin developed by TemplateInvaders, where the access control mechanism is improperly configured. This flaw allows unauthorized users to exploit features that should be restricted, potentially accessing sensitive functionalities. The issue affects versions from n/a up to 2.10.0, highlighting the importance for users to review and update their installations to maintain secure operations.

Affected Version(s)

TI WooCommerce Wishlist <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/ti-w...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Bao - BlueRock | Patchstack Bug Bounty Program
JSON
.
CVE-2025-67929 : Access Control Flaw in TI WooCommerce Wishlist by TemplateInvaders