Yithemes Yith Woocommerce Gift Cards — known CVE vulnerabilities
Every CVE whose affected-product data names Yithemes Yith Woocommerce Gift Cards, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-3120 — CVSS 9.8 (critical): An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers…
CVE-2022-45359 — CVSS 9.8 (critical): Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin <= 3.19.0 on WordPress.
CVE-2019-16251 — CVSS 4.3 (medium): plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.