Known Vulnerabilities for products from Yaycommerce
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Yaycommerce".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-39496 json | Not Provided | 2026-04-08 | 2026-04-13 | |
| CVE-2026-27327 json | Not Provided | 2026-02-19 | 2026-04-01 | |
| CVE-2025-60114 json | Not Provided | 2025-09-26 | 2026-04-01 | |
| CVE-2025-54043 json | Not Provided | 2025-07-16 | 2026-04-01 | |
| CVE-2025-53256 json | Not Provided | 2025-06-27 | 2026-04-01 | |
| CVE-2025-48301 json | Not Provided | 2025-07-16 | 2026-04-01 | |
| CVE-2025-48299 json | Not Provided | 2025-07-16 | 2026-04-01 | |
| CVE-2025-48161 json | Not Provided | 2025-07-16 | 2026-04-01 | |
| CVE-2025-47587 json | Not Provided | 2025-05-07 | 2026-04-01 | |
| CVE-2025-31415 json | Not Provided | 2025-04-01 | 2026-04-01 | |
| CVE-2025-0953 json | The SMTP for Sendinblue – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and ... | Not Provided | 2025-02-22 | 2026-04-08 |
| CVE-2025-0918 json | The SMTP for SendGrid – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and in... | Not Provided | 2025-02-22 | 2026-04-08 |
| CVE-2023-3093 json | The YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and inclu... | Not Provided | 2023-07-12 | 2026-04-08 |
| CVE-2022-2372 json | The YaySMTP WordPress plugin before 2.2.2 does not sanitise and escape some of its settings, which could allow high privilege... | 4.8 - MEDIUM | 2022-08-08 | 2022-08-12 |
| CVE-2022-2371 json | The YaySMTP WordPress plugin before 2.2.1 does not have proper authorisation when saving its settings, allowing users with a ... | 5.4 - MEDIUM | 2022-08-08 | 2022-08-12 |
| CVE-2022-2370 json | The YaySMTP WordPress plugin before 2.2.1 does not have capability check before displaying the Mailer Credentials in JS code ... | 6.5 - MEDIUM | 2022-08-01 | 2023-11-07 |
| CVE-2022-2369 json | The YaySMTP WordPress plugin before 2.2.1 does not have capability check in an AJAX action, allowing any logged in users, suc... | 4.3 - MEDIUM | 2022-08-01 | 2022-08-05 |