The YITH WooCommerce Product Add-Ons plugin for WordPress has a vulnerability that allows anyone with Shop Manager access or higher to inject a malicious code. This code could be used to delete files, steal data, or even execute code. It affects all versions up to 4.3.1 and no additional plugins or themes are required.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
