Vulnerabilities > Yithemes > Yith Woocommerce Product ADD ONS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-10 | CVE-2024-35680 | Injection vulnerability in Yithemes Yith Woocommerce Product Add-Ons Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Code Injection.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.9.2. | 5.3 |
| 2019-10-31 | CVE-2019-16251 | Unspecified vulnerability in Yithemes products plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes. | 4.0 |