6 matches found
CVE-2024-50448 WordPress YITH WooCommerce Product Add-Ons plugin <= 4.14.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through = 4.14.1...
WordPress YITH WooCommerce Product Add-Ons Plugin <= 4.14.1 is vulnerable to Cross Site Scripting (XSS)
Software YITH WooCommerce Product Add-Ons Type Plugin Vulnerable versions = 4.14.1 Fixed in 4.14.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50448 Patch priority Medium CVSS severity Medium 7.1 Developer YITH PSID c89cdca7b8b3 Credits Le Ngoc Anh Required...
WordPress YITH WooCommerce Affiliates Plugin <= 3.8.0 is vulnerable to Backdoor
Software YITH WooCommerce Affiliates Type Plugin Vulnerable versions = 3.8.0 Fixed in 3.8.1 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer YITH PSID 6b928027e13c Credits Sansec.io Required privilege Unauthenticated Published 3 July,...
WordPress YITH WooCommerce Wishlist Plugin <= 3.32.0 is vulnerable to Cross Site Scripting (XSS)
Software YITH WooCommerce Wishlist Type Plugin Vulnerable versions = 3.32.0 Fixed in 3.33.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34385 Patch priority Low CVSS severity Low 5.9 Developer YITH PSID 293b2a23f462 Credits savphill Required privilege...
WordPress YITH WooCommerce Gift Cards Plugin <= 4.12.0 is vulnerable to Broken Access Control
Software YITH WooCommerce Gift Cards Type Plugin Vulnerable versions = 4.12.0 Fixed in 4.13.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-0870 Patch priority Low CVSS severity Low 5.3 Developer YITH PSID 8dd8ed435d7e Credits Francesco Carlucci Required...
WordPress YITH WooCommerce Authorize.net Payment Gateway plugin <=1.1.12 - Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability
Authenticated Settings Change YITH Plugin Framework =3.3.8 vulnerability found by Jerome Bruandet in WordPress YITH WooCommerce Authorize.net Payment Gateway plugin versions =1.1.12. Solution Update the WordPress YITH WooCommerce Authorize.net Payment Gateway plugin to the latest available versio...