EUVD-2026-31098

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YITH YITH WooCommerce Product Add-Ons allows Blind SQL Injection. This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.29.0...

WordPress YITH WooCommerce Product Add-Ons plugin <= 4.29.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin YITH WooCommerce Product Add-Ons versions = 4.29.0...

PT-2023-24029 · WordPress · Woocommerce Product Add-Ons

Name of the Vulnerable Software and Affected Versions: WooCommerce Product Add-Ons versions n/a through 6.1.3 Description: The issue is related to the deserialization of untrusted data in WooCommerce Product Add-Ons. This can potentially lead to security issues, but specific details about...

CVE-2023-5601

The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE...