Vulnerabilities > Yithemes > Yith Woocommerce Product ADD ONS

DATE CVE VULNERABILITY TITLE RISK
2024-06-10 CVE-2024-35680 Injection vulnerability in Yithemes Yith Woocommerce Product Add-Ons
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Code Injection.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.9.2.
network
low complexity
yithemes CWE-74
5.3
5.3
2023-12-31 CVE-2023-49777 Deserialization of Untrusted Data vulnerability in Yithemes Yith Woocommerce Product Add-Ons
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0.
network
low complexity
yithemes CWE-502
8.8
8.8
2019-10-31 CVE-2019-16251 Unspecified vulnerability in Yithemes products
plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.
network
low complexity
yithemes
4.0
4.0