Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin

May 29, 2025

Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files.
TI WooCommerce Wishlist, which has over 100,000 active installations, is a tool to allow e-commerce site customers to save their favorite products for later and share the lists on social

Source: Read More

Previous ArticleChinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations

Next Article Smashing Security podcast #419: Star Wars, the CIA, and a WhatsApp malware mirage

Highlights

CVE-2025-0928 – Juju Unauthorized Agent Binary Upload Vulnerability

July 9, 2025

CVE ID : CVE-2025-0928

Published : July 8, 2025, 6:15 p.m. | 12 hours, 9 minutes ago

Description : In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, without verifying model membership or requiring explicit permissions. This enabled the distribution of poisoned binaries to new or upgraded machines, potentially resulting in remote code execution.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

I took a walk with Meta’s new Oakley smart glasses – they beat my Ray-Bans in every way

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Top 7 Computer Performance Test Tools Online (Free & Fast)

Top 7 Computer Performance Test Tools Online (Free & Fast)

10 Best Windows 11 Encryption Software

Google Chrome Is Testing Dynamic Country Detection for Region-Specific Features

Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin

Scaling Up Reinforcement Learning for Traffic Smoothing: A 100-AV Highway Deployment

Repurposing Protein Folding Models for Generation with Latent Diffusion

CVE-2025-6971 – SOLIDWORKS eDrawings After Free Vulnerability

OneDrive for Mac will soon give you more flexible storage options

PyQSO – contact logging tool for amateur radio operators

How to Setup Agent Node in Jenkins Step-by-Step

CVE-2025-0928 – Juju Unauthorized Agent Binary Upload Vulnerability

AIaaS vs. Traditional AI: Why Forward-Thinking Businesses Are Making the Switch⚖️

paldo – Upkg driven Linux distribution

This 75-inch 4K Hisense Fire TV is a steal at nearly 30% off on Amazon

Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin

Related Posts