VYPR
Vendor

Yikes, Inc.

Products
4
CVEs
8
Across products
9
Status
Private

Products

4

Recent CVEs

8
  • CVE-2013-5654CriFeb 15, 2019
    risk 0.59cvss 9.1epss 0.02

    Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage

  • CVE-2024-11465HigJan 7, 2025
    risk 0.47cvss 7.2epss 0.01

    The Custom Product Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8.5 via deserialization of untrusted input in the 'yikes_woo_products_tabs' post meta parameter. This makes it possible for authenticated…

  • CVE-2024-12721HigDec 21, 2024
    risk 0.47cvss 7.2epss 0.01

    The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.4 via deserialization of untrusted input from the 'wb_custom_tabs' parameter. This makes it possible for authenticated attackers, with…

  • CVE-2025-58985MedSep 9, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from…

  • CVE-2023-23900MedAug 10, 2023
    risk 0.38cvss 5.8epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin <= 6.8.8 versions.

  • CVE-2022-28666MedJul 21, 2022
    risk 0.35cvss 5.3epss 0.01

    Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin <= 1.7.7 at WordPress leading to &yikes-the-content-toggle option update.

  • CVE-2022-43463MedNov 18, 2022
    risk 0.31cvss 4.8epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Custom Product Tabs for WooCommerce plugin <= 1.7.9 on WordPress.

  • CVE-2013-5655May 14, 2014
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in the FTP server in YingZhi Python Programming Language for iOS 1.9 allows remote attackers to read and possibly write arbitrary files via a .. (dot dot) in the default URI.