Vulnerabilities > Yithemes > Yith Essential KIT FOR Woocommerce > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-19 CVE-2024-6799 Missing Authorization vulnerability in Yithemes Yith Essential KIT for Woocommerce
The YITH Essential Kit for WooCommerce #1 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'activate_module', 'deactivate_module', and 'install_module' functions in all versions up to, and including, 2.34.0.
network
low complexity
yithemes CWE-862
4.3