Yith Woocommerce Ajax Search Security Vulnerabilities and Issues — Yith Woocommerce Ajax Search CVE List

Lucene search

YithemesYith Woocommerce Ajax Search

4 matches found

CVE•added 2019/10/31 5:15 p.m.•91 views

CVE-2019-16251

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.

4.3CVSS4.4AI score0.00505EPSS

CVE•added 2024/10/06 1:15 p.m.•49 views

CVE-2024-47350

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Ajax Search allows SQL Injection.This issue affects YITH WooCommerce Ajax Search: from n/a through 2.8.0.

9.3CVSS9.7AI score0.00242EPSS

CVE•added 2024/05/24 11:15 a.m.•40 views

CVE-2024-4455

The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘item’ parameter in versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary we...

7.2CVSS6.4AI score0.01315EPSS

CVE•added 2024/09/23 6:15 a.m.•36 views

CVE-2024-7846

YITH WooCommerce Ajax Search is vulnerable to a XSS vulnerability due to insufficient sanitization of user supplied block attributes. This makes it possible for Contributors+ attackers to inject arbitrary scripts.

5.4CVSS6.3AI score0.00069EPSS