Yith Woocommerce Product Add Ons
by Yithemes
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-49777 | Cri | 0.59 | 9.1 | 0.01 | Dec 31, 2023 | Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0. | ||
| CVE-2023-32795 | Hig | 0.53 | 8.2 | 0.01 | Dec 28, 2023 | Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3. | ||
| CVE-2026-42383 | Hig | 0.49 | 7.6 | 0.00 | May 20, 2026 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Blind SQL Injection. This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.29.0. | ||
| CVE-2024-50448 | Hig | 0.46 | 7.1 | 0.00 | Oct 28, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.14.1. | ||
| CVE-2024-47367 | Hig | 0.46 | 7.1 | 0.00 | Oct 6, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Reflected XSS.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.13.0. | ||
| CVE-2024-37943 | Med | 0.38 | 5.8 | 0.00 | Jul 20, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Ajax Product Filter yith-woocommerce-ajax-navigation.This issue affects YITH WooCommerce Ajax Product Filter: from n/a through <= 5.1.0. | ||
| CVE-2023-32794 | Med | 0.35 | 5.4 | 0.00 | Nov 9, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions. | ||
| CVE-2023-46635 | Med | 0.34 | 5.3 | 0.00 | Jan 2, 2025 | Missing Authorization vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.2.0. | ||
| CVE-2024-35680 | Med | 0.34 | 5.3 | 0.00 | Jun 10, 2024 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.9.2. |
- risk 0.59cvss 9.1epss 0.01
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0.
- risk 0.53cvss 8.2epss 0.01
Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3.
- risk 0.49cvss 7.6epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Blind SQL Injection. This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.29.0.
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.14.1.
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Reflected XSS.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.13.0.
- risk 0.38cvss 5.8epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Ajax Product Filter yith-woocommerce-ajax-navigation.This issue affects YITH WooCommerce Ajax Product Filter: from n/a through <= 5.1.0.
- risk 0.35cvss 5.4epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.2.0.
- risk 0.34cvss 5.3epss 0.00
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.9.2.