CVE-2024-13694

HIGH

WooCommerce Wishlist < 1.8.7 - Unauthenticated Insecure Direct Object Reference via download_pdf_file()

Title source: llm

Description

The WooCommerce Wishlist (High customization, fast setup,Free Elementor Wishlist, most features) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.8.7 via the download_pdf_file() function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to extract data from wishlists that they should not have access to.

References (5)

Core 5

Core References

Product

https://plugins.trac.wordpress.org/browser/smart-wishlist-for-more-convert/trunk/includes/class-wlfmc-form-handler.php#L607

Product

https://plugins.trac.wordpress.org/browser/smart-wishlist-for-more-convert/trunk/includes/class-wlfmc-wishlist.php#L529

Patch

https://plugins.trac.wordpress.org/changeset/3229758/

Product

https://wordpress.org/plugins/smart-wishlist-for-more-convert/#developers

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/59fe7630-ab94-419f-aca5-39b74d86ae4e?source=cve

Scores

CVSS v3 7.5

EPSS 0.0055

EPSS Percentile 41.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-285 CWE-639

Status published

Products (2)

moreconvert/MoreConvert Wishlist for WooCommerce < 1.8.7

moreconvert/woocommerce_wishlist < 1.8.8

Published Jan 30, 2025

Tracked Since Feb 18, 2026