Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Wishlist Member

Source -

CNA

BOS Name -

N/A

CNA CVEs -

4

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
4Vulnerabilities found
CVE-2026-6419
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-Not Assigned
Published-23 May, 2026 | 04:27
Updated-23 May, 2026 | 04:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) API Secret Key Disclosure and Privilege Escalation via 'wlm3_get_screen' AJAX action

The WishList Member plugin for WordPress is vulnerable to Privilege Escalation via Missing Authorization in versions up to and including 3.30.1. This is due to the missing capability and nonce check in the ajax_get_screen() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to supply an arbitrary admin screen identifier via the data[url] parameter, causing the plugin to load and execute the administrative API configuration template without authorization. The rendered HTML, which contains the plugin's plaintext REST API Secret Key, is returned directly to the attacker in the AJAX JSON response. An attacker who obtains this key can authenticate to the WishList Member API, create a new membership level assigned the administrator WordPress role, and register an arbitrary administrator-level user account, resulting in complete site takeover.

Action-Not Available
Vendor-Wishlist Member
Product-Wishlist Member
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-6897
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-Not Assigned
Published-23 May, 2026 | 04:27
Updated-23 May, 2026 | 04:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Options Update via 'wishlistmember_team_accounts_save_settings' AJAX action

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember\Features\Team_Accounts::save_settings' function in all versions up to, and including, 3.30.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary plugin options, includes the REST API Secret Key, which can be used to create a new membership level assigned the administrator WordPress role, and register an arbitrary administrator-level user account, resulting in complete site takeover.

Action-Not Available
Vendor-Wishlist Member
Product-Wishlist Member
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-6895
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-Not Assigned
Published-23 May, 2026 | 04:27
Updated-23 May, 2026 | 04:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) API Secret Key Disclosure and Privilege Escalation via 'wlm3_export_settings' AJAX Action

The WishList Member plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive Information Disclosure and Privilege Escalation in versions up to and including 3.30.1. This is due to the missing capability checks in the 'export_settings' function. This function returns the REST API Secret Key to the attacker in the AJAX JSON response. An attacker who obtains this key can authenticate to the WishList Member API, create a new membership level assigned the administrator WordPress role, and register an arbitrary administrator-level user account, resulting in complete site takeover.

Action-Not Available
Vendor-Wishlist Member
Product-Wishlist Member
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-6898
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-Not Assigned
Published-23 May, 2026 | 04:27
Updated-23 May, 2026 | 04:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WishList Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) Generate API Secret Key via 'wlm3_generate_api_key' AJAX action

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember3_Hooks::generate_api_key' function in all versions up to, and including, 3.30.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the REST API Secret Key, which can be used to create a new membership level assigned the administrator WordPress role, and register an arbitrary administrator-level user account, resulting in complete site takeover.

Action-Not Available
Vendor-Wishlist Member
Product-Wishlist Member
CWE ID-CWE-269
Improper Privilege Management