CVE-2024-35680

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Code Injection.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.9.2.
Configurations

Configuration 1 (hide)

cpe:2.3:a:yithemes:yith_woocommerce_product_add-ons:*:*:*:*:free:wordpress:*:*

History

21 Nov 2024, 09:20

Type Values Removed Values Added
References () https://patchstack.com/database/vulnerability/yith-woocommerce-product-add-ons/wordpress-yith-woocommerce-product-add-ons-plugin-4-9-2-content-injection-vulnerability?_s_id=cve - Third Party Advisory () https://patchstack.com/database/vulnerability/yith-woocommerce-product-add-ons/wordpress-yith-woocommerce-product-add-ons-plugin-4-9-2-content-injection-vulnerability?_s_id=cve - Third Party Advisory

12 Jun 2024, 17:49

Type Values Removed Values Added
References () https://patchstack.com/database/vulnerability/yith-woocommerce-product-add-ons/wordpress-yith-woocommerce-product-add-ons-plugin-4-9-2-content-injection-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/yith-woocommerce-product-add-ons/wordpress-yith-woocommerce-product-add-ons-plugin-4-9-2-content-injection-vulnerability?_s_id=cve - Third Party Advisory
Summary
  • (es) La neutralización inadecuada de elementos especiales en la salida utilizados por una vulnerabilidad de componente posterior ("inyección") en YITH YITH WooCommerce Product Add-Ons permite la inyección de código. Este problema afecta a YITH WooCommerce Product Add-Ons: desde n/a hasta 4.9.2.
First Time Yithemes
Yithemes yith Woocommerce Product Add-ons
CPE cpe:2.3:a:yithemes:yith_woocommerce_product_add-ons:*:*:*:*:free:wordpress:*:*

10 Jun 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-10 16:15

Updated : 2024-11-21 09:20


NVD link : CVE-2024-35680

Mitre link : CVE-2024-35680

CVE.ORG link : CVE-2024-35680


JSON object : View

Products Affected

yithemes

  • yith_woocommerce_product_add-ons
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')