Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Yith_essential_kit_for_woocommerce
(Yithemes)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 1 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-07-19 | CVE-2024-6799 | The YITH Essential Kit for WooCommerce #1 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'activate_module', 'deactivate_module', and 'install_module' functions in all versions up to, and including, 2.34.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install, activate, and deactivate plugins from a pre-defined list of available YITH plugins. | Yith_essential_kit_for_woocommerce | 4.3 |