Skip to main content

Yith Woocommerce Gift Cards

3 CVEs product

Monthly

CVE-2022-45359 CRITICAL Act Now

Unauth. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress File Upload Yith Woocommerce Gift Cards
NVD
CVSS 3.1
9.8
EPSS
13.5%
CVE-2021-3120 CRITICAL POC THREAT Act Now

An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress RCE PHP File Upload Yith Woocommerce Gift Cards
NVD GitHub
CVSS 3.1
9.8
EPSS
36.8%
CVE-2019-16251 MEDIUM This Month

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP WordPress Information Disclosure Yith Woocommerce Wishlist Yith Woocommerce Compare +36
NVD
CVSS 3.1
4.3
EPSS
0.9%
EPSS 14% CVSS 9.8
CRITICAL Act Now

Unauth. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress File Upload Yith Woocommerce Gift Cards
NVD
EPSS 37% CVSS 9.8
CRITICAL POC THREAT Act Now

An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress RCE PHP +2
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP WordPress Information Disclosure +38
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy