Yithemes Yith Woocommerce Product Add-ons — known CVE vulnerabilities
Every CVE whose affected-product data names Yithemes Yith Woocommerce Product Add-ons, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-49777 — CVSS 9.1 (critical): Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product…
CVE-2024-50448 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Product…
CVE-2024-35680 — CVSS 5.3 (medium): Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in YITHEMES YITH WooCommerce Product Add-Ons…
CVE-2019-16251 — CVSS 4.3 (medium): plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.