CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
19.4%
plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.
Vendor | Product | Version | CPE |
---|---|---|---|
yithemes | yith_woocommerce_wishlist | * | cpe:2.3:a:yithemes:yith_woocommerce_wishlist:*:*:*:*:*:wordpress:*:* |
yithemes | yith_woocommerce_compare | * | cpe:2.3:a:yithemes:yith_woocommerce_compare:*:*:*:*:*:wordpress:*:* |
yithemes | yith_woocommerce_quick_view | * | cpe:2.3:a:yithemes:yith_woocommerce_quick_view:*:*:*:*:*:wordpress:*:* |
yithemes | yith_woocommerce_zoom_magnifier | * | cpe:2.3:a:yithemes:yith_woocommerce_zoom_magnifier:*:*:*:*:*:wordpress:*:* |
yithemes | yith_woocommerce_ajax_search | * | cpe:2.3:a:yithemes:yith_woocommerce_ajax_search:*:*:*:*:*:wordpress:*:* |
yithemes | yith_woocommerce_badge_management | * | cpe:2.3:a:yithemes:yith_woocommerce_badge_management:*:*:*:*:*:wordpress:*:* |
yithemes | yith_woocommerce_brands_add-on | * | cpe:2.3:a:yithemes:yith_woocommerce_brands_add-on:*:*:*:*:*:wordpress:*:* |
yithemes | yith_woocommerce_request_a_quote | * | cpe:2.3:a:yithemes:yith_woocommerce_request_a_quote:*:*:*:*:*:wordpress:*:* |
yithemes | yith_woocommerce_social_login | * | cpe:2.3:a:yithemes:yith_woocommerce_social_login:*:*:*:*:*:wordpress:*:* |
yithemes | yith_woocommerce_order_tracking | * | cpe:2.3:a:yithemes:yith_woocommerce_order_tracking:*:*:*:*:*:wordpress:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
19.4%