Yith Woocommerce Product Add-ons CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-50448	1 Yithemes	1 Yith Woocommerce Product Add-ons	2026-04-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.14.1.
CVE-2024-35680	1 Yithemes	1 Yith Woocommerce Product Add-ons	2026-04-01	5.3 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through <= 4.9.2.
CVE-2023-49777	1 Yithemes	1 Yith Woocommerce Product Add-ons	2024-11-21	9.1 Critical
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0.
CVE-2019-16251	1 Yithemes	38 Yith Advanced Refund System For Woocommerce, Yith Color And Label Variations For Woocommerce, Yith Custom Thank You Page For Woocommerce and 35 more	2024-11-21	4.3 Medium
plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.

Page 1 of 1.