Nixpkgs security tracker
Untriaged
Permalink
CVE-2025-31063
4.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): LOW
- Availability impact (A): NONE
WordPress Wishlist <= 2.1.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in redqteam Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist: from n/a through 2.1.0.
References
Affected products
wishlist
- =<2.1.0
Package maintainers
-
@caarlos0 Carlos A Becker <carlos@becker.software>
-
@penguwin Nicolas Martin <penguwin@penguwin.eu>