Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

YITH Security Vulnerabilities

cve
cve

CVE-2024-35732

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH Custom Login allows Stored XSS.This issue affects YITH Custom Login: from n/a through...

5.9CVSS

5.7AI Score

0.0004EPSS

2024-06-08 01:15 PM
23
cve
cve

CVE-2024-35680

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Code Injection.This issue affects YITH WooCommerce Product Add-Ons: from n/a through...

5.3CVSS

5.4AI Score

0.0005EPSS

2024-06-10 04:15 PM
24
cve
cve

CVE-2024-30470

Missing Authorization vulnerability in YITH YITH WooCommerce Account Funds Premium.This issue affects YITH WooCommerce Account Funds Premium: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-09 11:15 AM
35
cve
cve

CVE-2024-35698

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Tab Manager allows Stored XSS.This issue affects YITH WooCommerce Tab Manager: from n/a through...

5.9CVSS

5.8AI Score

0.0004EPSS

2024-06-08 03:15 PM
21
cve
cve

CVE-2024-34385

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Wishlist allows Stored XSS.This issue affects YITH WooCommerce Wishlist: from n/a through...

5.9CVSS

7AI Score

0.0004EPSS

2024-06-03 12:15 PM
14
cve
cve

CVE-2024-32699

Cross-Site Request Forgery (CSRF) vulnerability in YITH YITH WooCommerce Compare.This issue affects YITH WooCommerce Compare: from n/a through...

4.3CVSS

6.8AI Score

0.0004EPSS

2024-04-24 03:15 PM
31
cve
cve

CVE-2024-27994

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Reflected XSS.This issue affects YITH WooCommerce Product Add-Ons: from n/a through...

7.1CVSS

9.3AI Score

0.0004EPSS

2024-03-21 03:16 PM
29
cve
cve

CVE-2022-44633

Missing Authorization vulnerability in YITH YITH WooCommerce Gift Cards Premium.This issue affects YITH WooCommerce Gift Cards Premium: from n/a through...

6.5CVSS

6.8AI Score

0.0004EPSS

2024-04-11 01:17 AM
9
cve
cve

CVE-2023-49777

Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through...

9.1CVSS

8.7AI Score

0.001EPSS

2023-12-31 11:15 AM
20
cve
cve

CVE-2022-45359

Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin <= 3.19.0 on...

9.8CVSS

9.3AI Score

0.002EPSS

2022-12-06 09:15 PM
47
In Wild
cve
cve

CVE-2021-36841

Authenticated Stored Cross-Site Scripting (XSS) vulnerability in YITH Maintenance Mode (WordPress plugin) versions <= 1.3.7, vulnerable parameter &yith_maintenance_newsletter_submit_label. Possible even when unfiltered HTML is disallowed by WordPress...

6.9CVSS

5.2AI Score

0.001EPSS

2021-09-27 04:15 PM
17
cve
cve

CVE-2021-36845

Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions <= 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. Vulnerable parameters: 1 - "Newsletter" tab,...

6.9CVSS

5AI Score

0.001EPSS

2021-09-27 04:15 PM
16