Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-25168

Malicious code in bioql PyPI...

7.1CVSS8.5AI score0.00398EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:12 a.m.14 views

CVE-2024-35680

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through = 4.9.2...

5.3CVSS5.9AI score0.00329EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 12:0 p.m.7 views

CVE-2023-46635 WordPress YITH WooCommerce Product Add-Ons plugin <= 4.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Product Add-Ons: from n/a through = 4.2.0...

5.3CVSS7.3AI score0.00343EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/28 5:56 p.m.13 views

CVE-2024-50448 WordPress YITH WooCommerce Product Add-Ons plugin <= 4.14.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through = 4.14.1...

7.1CVSS5.9AI score0.00302EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.16 views

WordPress YITH WooCommerce Product Add-Ons Plugin <= 4.14.1 is vulnerable to Cross Site Scripting (XSS)

Software YITH WooCommerce Product Add-Ons Type Plugin Vulnerable versions = 4.14.1 Fixed in 4.14.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50448 Patch priority Medium CVSS severity Medium 7.1 Developer YITH PSID c89cdca7b8b3 Credits Le Ngoc Anh Required...

7.1CVSS6.5AI score0.00302EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/10/06 10:15 a.m.17 views

CVE-2024-47367

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Reflected XSS.This issue affects YITH WooCommerce Product Add-Ons: from n/a through = 4.13.0...

7.1CVSS0.00304EPSS
Exploits0References1
CVE
CVE
added 2024/10/06 9:43 a.m.51 views

CVE-2024-47367

CVE-2024-47367 affects YITH WooCommerce Product Add-Ons (versions

7.1CVSS5.9AI score0.00304EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/06 9:43 a.m.26 views

CVE-2024-47367 WordPress YITH WooCommerce Product Add-Ons plugin <= 4.13.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Reflected XSS.This issue affects YITH WooCommerce Product Add-Ons: from n/a through = 4.13.0...

7.1CVSS0.00304EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/10 3:48 p.m.21 views

CVE-2024-35680 WordPress YITH WooCommerce Product Add-Ons plugin <= 4.9.2 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through = 4.9.2...

5.3CVSS5.2AI score0.00329EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/06/06 9:5 a.m.6 views

WordPress YITH WooCommerce Product Add-Ons plugin <= 4.9.2 - Content Injection vulnerability

Content Injection vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin YITH WooCommerce Product Add-Ons versions = 4.9.2...

5.3CVSS7.2AI score0.00329EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.11 views

WordPress YITH WooCommerce Product Add-Ons Plugin <= 4.9.2 is vulnerable to Content Injection

Software YITH WooCommerce Product Add-Ons Type Plugin Vulnerable versions = 4.9.2 Fixed in 4.9.3 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-35680 Patch priority Low CVSS severity Low 5.3 Developer YITH PSID b074b61667f8 Credits savphill Required privilege...

5.3CVSS6.8AI score0.00329EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/03/21 3:16 p.m.21 views

CVE-2024-27994

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through = 4.5.0...

7.1CVSS6.9AI score0.00398EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/09 12:0 a.m.8 views

PT-2023-24028 · WordPress · Woocommerce Product Add-Ons

Name of the Vulnerable Software and Affected Versions: WooCommerce Product Add-Ons plugin versions = 6.1.3 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a we...

8.8CVSS8.8AI score0.00303EPSS
Exploits0References5
Patchstack
Patchstack
added 2023/10/25 12:0 a.m.10 views

WordPress YITH WooCommerce Product Add-Ons Plugin <= 4.2.0 is vulnerable to Broken Access Control

Software YITH WooCommerce Product Add-Ons Type Plugin Vulnerable versions = 4.2.0 Fixed in 4.2.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-46635 Patch priority Medium CVSS severity Medium 5.3 Developer YITH PSID e6f126f82710 Credits Elliot Required...

6.5AI score0.00343EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/05/15 12:0 a.m.13 views

WordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to PHP Object Injection

Software WooCommerce Product Add-ons Type Plugin Vulnerable versions = 6.1.3 Fixed in 6.2.0 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-32795 Patch priority Medium CVSS severity Medium 8.2 Developer Claim ownership PSID 8de26d9f8493 Credits Rafie Muhammad Patchstac...

8.2CVSS6.8AI score0.00672EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/05/15 12:0 a.m.15 views

WordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software WooCommerce Product Add-ons Type Plugin Vulnerable versions = 6.1.3 Fixed in 6.2.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32794 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID dbc7cb0b3b07 Credits Rafie...

8.8CVSS6.6AI score0.00303EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/09/20 12:0 a.m.14 views

YITH WooCommerce Product Add-Ons < 2.1.0 - Authenticated Local File Inclusion

The plugin does not validate user input before using it to generate a local path passed to include, which could lead to a Local File Inclusion issue on Windows Web Servers PoC https://example.com/wp-admin/admin.php?page=yithwapopanel=blocksid=1id=1type=html%2F..%2Fhello...

1.7AI score
Exploits0Affected Software1
wpexploit
wpexploit
added 2021/09/20 12:0 a.m.539 views

YITH WooCommerce Product Add-Ons < 2.1.0 - Reflected Cross-Site Scripting

The plugin does not escape some parameters before outputting them back in the edit addon page in the admin dashboard, leading to Reflected Cross-Site Scripting issues v alert/XSS-id/&addontype=html"alert/XSS-type/ v 2.1.0...

0.3AI score
Exploits0
WPVulnDB
WPVulnDB
added 2021/09/20 12:0 a.m.10 views

YITH WooCommerce Product Add-Ons < 2.1.0 - Reflected Cross-Site Scripting

The plugin does not escape some parameters before outputting them back in the edit addon page in the admin dashboard, leading to Reflected Cross-Site Scripting issues PoC v type=html" v 2.1.0 https://example.com/wp-admin/admin.php?page=yithwapopanel=blocksid=1id=1type=html" accesskey=X...

Exploits0Affected Software1
Patchstack
Patchstack
added 2019/10/31 12:0 a.m.12 views

WordPress YITH WooCommerce Product Add-Ons plugin <=1.5.21 - Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability

Authenticated Settings Change YITH Plugin Framework =3.3.8 vulnerability found by Jerome Bruandet in WordPress YITH WooCommerce Product Add-Ons plugin versions =1.5.21. Solution Update the WordPress YITH WooCommerce Product Add-Ons plugin to the latest available version at least 1.5.23...

4.3CVSS3.3AI score0.00948EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder