A critical security vulnerability in the TI WooCommerce Wishlist plugin has exposed over 100,000 WordPress websites to potential cyberattacks. The vulnerability, CVE-2025-47577, allows unauthenticated attackers to upload arbitrary files, leading to complete server compromise. The flaw affects version 2.9.2 and all previous versions, with no patched release available. This vulnerability is one of the most severe WordPress plugin vulnerabilities discovered recently, posing significant risks to e-commerce websites worldwide.
Source: https://cybersecuritynews.com/wordpress-ti-woocommerce-wishlist-plugin-vulnerability/
TPRM report: https://scoringcyber.rankiteo.com/company/patchstack
"id": "pat1014052925",
"linkid": "patchstack",
"type": "Vulnerability",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'E-commerce',
'location': 'Worldwide',
'name': 'TI WooCommerce Wishlist Plugin Users',
'size': 'Over 100,000 websites',
'type': 'E-commerce Websites'}],
'attack_vector': 'Unauthenticated arbitrary file upload',
'date_detected': '2025-03-26',
'date_publicly_disclosed': '2025-05-27',
'description': 'A critical security vulnerability in the popular TI WooCommerce Wishlist plugin has left over 100,000 WordPress websites exposed to potential cyberattacks, with security researchers warning of imminent exploitation risks.',
'initial_access_broker': {'entry_point': 'File upload vulnerability'},
'investigation_status': 'Ongoing',
'motivation': 'Server compromise',
'post_incident_analysis': {'root_causes': 'Improper file upload handling'},
'references': [{'source': 'Patchstack'}],
'response': {'communication_strategy': 'Public advisory on May 27, 2025',
'containment_measures': 'Remove the plugin from installations',
'third_party_assistance': 'Patchstack analysts'},
'title': 'Critical Vulnerability in TI WooCommerce Wishlist Plugin',
'type': 'Software Vulnerability',
'vulnerability_exploited': 'CVE-2025-47577'}