Yithemes: >> Yith Woocommerce Product Add-Ons >> 1.2.4 Security Vulnerabilities
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Reflected XSS.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.14.1.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-10-28
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Code Injection.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.9.2.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-06-10
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0.
CVSS Score
9.1
EPSS Score
0.003
Published
2023-12-31
plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.
CVSS Score
4.3
EPSS Score
0.005
Published
2019-10-31