Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Code Injection.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.9.2.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 09:20
Type | Values Removed | Values Added |
---|---|---|
References | () https://patchstack.com/database/vulnerability/yith-woocommerce-product-add-ons/wordpress-yith-woocommerce-product-add-ons-plugin-4-9-2-content-injection-vulnerability?_s_id=cve - Third Party Advisory |
12 Jun 2024, 17:49
Type | Values Removed | Values Added |
---|---|---|
References | () https://patchstack.com/database/vulnerability/yith-woocommerce-product-add-ons/wordpress-yith-woocommerce-product-add-ons-plugin-4-9-2-content-injection-vulnerability?_s_id=cve - Third Party Advisory | |
Summary |
|
|
First Time |
Yithemes
Yithemes yith Woocommerce Product Add-ons |
|
CPE | cpe:2.3:a:yithemes:yith_woocommerce_product_add-ons:*:*:*:*:free:wordpress:*:* |
10 Jun 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-10 16:15
Updated : 2024-11-21 09:20
NVD link : CVE-2024-35680
Mitre link : CVE-2024-35680
CVE.ORG link : CVE-2024-35680
JSON object : View
Products Affected
yithemes
- yith_woocommerce_product_add-ons
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')