Known Vulnerabilities for products from Yithemes

Listed below are 9 of the newest known vulnerabilities associated with the vendor "Yithemes".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2025-54675 Not Provided 2025-08-14 2026-04-01
CVE-2024-50448 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommer... Not Provided 2024-10-28 2026-04-01
CVE-2024-47367 Not Provided 2024-10-06 2026-04-01
CVE-2024-47350 Not Provided 2024-10-06 2026-04-01
CVE-2024-37943 Not Provided 2024-07-20 2026-04-01
CVE-2024-35732 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH Custom Lo... Not Provided 2024-06-08 2026-04-01
CVE-2024-35698 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommer... Not Provided 2024-06-08 2026-04-01
CVE-2024-35680 Not Provided 2024-06-10 2026-04-01
CVE-2024-34385 Not Provided 2024-06-03 2026-04-01
CVE-2024-32699 Not Provided 2024-04-24 2026-04-01
CVE-2021-36845 Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions... 4.8 - MEDIUM 2021-09-27 2021-10-12
CVE-2021-36841 Authenticated Stored Cross-Site Scripting (XSS) vulnerability in YITH Maintenance Mode (WordPress plugin) versions <= 1.3.7, ... 5.4 - MEDIUM 2021-09-27 2021-09-30
CVE-2021-3120 An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows re... 9.8 - CRITICAL 2021-02-22 2023-02-01
CVE-2019-16251 plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options ch... 4.3 - MEDIUM 2019-10-31 2020-08-24
CVE-2015-9429 The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=yith... 6.5 - MEDIUM 2019-09-26 2019-09-26

Known software with vulnerabilities from Yithemes

Type Vendor Product Version
ApplicationYithemesYith Advanced Refund System For Woocommerce1.0.0
ApplicationYithemesYith Color And Label Variations For Woocommerce1.0.0
ApplicationYithemesYith Custom Thank You Page For Woocommerce1.0.0
ApplicationYithemesYith Desktop Notifications For Woocommerce-
ApplicationYithemesYith Maintenance Mode-
ApplicationYithemesYith Paypal Express Checkout For Woocommerce-
ApplicationYithemesYith Pre-order For Woocommerce-
ApplicationYithemesYith Product Size Charts For Woocommerce-
ApplicationYithemesYith Woocommerce Added To Cart Popup-
ApplicationYithemesYith Woocommerce Advanced Reviews-
ApplicationYithemesYith Woocommerce Affiliates-
ApplicationYithemesYith Woocommerce Ajax Search-
ApplicationYithemesYith Woocommerce Authorize.net Payment Gateway1.0.1
ApplicationYithemesYith Woocommerce Badge Management-
ApplicationYithemesYith Woocommerce Gift Cards1.0.0
ApplicationYithemesYith Woocommerce Mailchimp1.0.0
ApplicationYithemesYith Woocommerce Questions And Answers-