Skip to main content

Yml For Yandex Market

4 CVEs product

Monthly

CVE-2026-32567 MEDIUM PATCH This Month

YML for Yandex Market versions prior to 5.3.0 contain a path traversal vulnerability that allows high-privileged attackers to access files outside restricted directories without user interaction. This vulnerability could enable unauthorized disclosure of sensitive information across the system. Currently, no patch is available and exploitation appears unlikely in the wild.

Path Traversal Yml For Yandex Market
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2024-9378 MEDIUM PATCH This Month

The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.7.2 due to insufficient input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Yml For Yandex Market
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-1365 MEDIUM PATCH This Month

The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the feed_id parameter in all versions up to, and including, 4.2.3 due to insufficient input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Yml For Yandex Market
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2023-30473 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Yml For Yandex Market
NVD
CVSS 3.1
6.1
EPSS
0.4%
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

YML for Yandex Market versions prior to 5.3.0 contain a path traversal vulnerability that allows high-privileged attackers to access files outside restricted directories without user interaction. This vulnerability could enable unauthorized disclosure of sensitive information across the system. Currently, no patch is available and exploitation appears unlikely in the wild.

Path Traversal Yml For Yandex Market
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.7.2 due to insufficient input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Yml For Yandex Market
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the feed_id parameter in all versions up to, and including, 4.2.3 due to insufficient input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Yml For Yandex Market
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Yml For Yandex Market
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy