Addonify WooCommerce Wishlist allows Unauthorized Access to Configuration

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

Addonify WooCommerce Wishlist allows Unauthorized Access to Configuration

CVE-2025-68024

Summary

A security issue in Addonify WooCommerce Wishlist can let unauthorized users access and change certain settings. This affects version 2.0.15 and earlier of the plugin. To fix this, update to the latest version of the plugin or configure access control settings correctly to prevent unauthorized access.

Original title

Missing Authorization vulnerability in Addonify Addonify – WooCommerce Wishlist addonify-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify...

Original description

nvd CVSS3.1 6.5

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/addonify-wishlist/vulnerability...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026