High severity7.1NVD Advisory· Published Mar 21, 2024· Updated Jun 17, 2026
CVE-2024-27994
CVE-2024-27994
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.5.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=4.5.0+ 1 more
- (no CPE)range: <=4.5.0
- (no CPE)range: <=4.5.0
Patches
Vulnerability mechanics
References
2- patchstack.com/database/Wordpress/Plugin/yith-woocommerce-product-add-ons/vulnerability/wordpress-yith-woocommerce-product-add-ons-plugin-4-5-0-cross-site-scripting-xss-vulnerabilitynvd
- patchstack.com/database/vulnerability/yith-woocommerce-product-add-ons/wordpress-yith-woocommerce-product-add-ons-plugin-4-5-0-cross-site-scripting-xss-vulnerabilitynvd
News mentions
0No linked articles in our index yet.