VYPR

Custom Product Tabs for WooCommerce

by WordPress

CVEs (4)

  • CVE-2024-11465HigJan 7, 2025
    risk 0.47cvss 7.2epss 0.01

    The Custom Product Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8.5 via deserialization of untrusted input in the 'yikes_woo_products_tabs' post meta parameter. This makes it possible for authenticated…

  • CVE-2024-12721HigDec 21, 2024
    risk 0.47cvss 7.2epss 0.01

    The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.4 via deserialization of untrusted input from the 'wb_custom_tabs' parameter. This makes it possible for authenticated attackers, with…

  • CVE-2022-28666MedJul 21, 2022
    risk 0.35cvss 5.3epss 0.01

    Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin <= 1.7.7 at WordPress leading to &yikes-the-content-toggle option update.

  • CVE-2022-43463MedNov 18, 2022
    risk 0.31cvss 4.8epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Custom Product Tabs for WooCommerce plugin <= 1.7.9 on WordPress.