CVE-2025-31063
WordPress Wishlist <= 2.1.0 - Broken Access Control VulnerabilityMissing Authorization vulnerability in redqteam Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist: from n/a through 2.1.0.
We have discovered 1 live websites that are affected by CVE-2025-31063.
Affected Software
| Product |  Wishlist |
| Category | Wordpress Plugins |
| Vulnerable Domains | 1 live websites (Infinity% of Wishlist install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 0 versions ( less than 0.1% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - May 16, 2025
- Updated - May 16, 2025
Credits
- Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) (Patchstack Alliance) (finder)
CWE
CVE References
CWE References
CVE-2025-31063 usage by Country
CVE-2025-31063 usage by TLD
| .com | 1 websites |
Websites affected by CVE-2025-31063
Top websites that are affected by CVE-2025-31063. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ********.com | **,***,*** |
FAQ
CVE-2025-31063 is Missing Authorization in Wishlist
A total of 1 websites have been identified as vulnerable to CVE-2025-31063, based on global website indexing conducted by WebTechSurvey.
The Wishlist is affected by the CVE-2025-31063 vulnerability.
Wishlist versions up to and including 2.1 are vulnerable to CVE-2025-31063.