Vulnerabilities and security researches foryith-woocommerce-ajax-navigation yith-woocommerce-ajax-navigation

Jul 14, 2024

CVE, Research URL: CVE-2024-37943
Home page URL: Security reports for YITH WooCommerce Ajax Product Filter
Application: YITH WooCommerce Ajax Product Filter
Date: Jul 20, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Ajax Product Filter allows Reflected XSS.This issue affects YITH WooCommerce Ajax Product Filter: from n/a through 5.1.0.
Affected versions: max 5.2.0.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: 21a5f00a631cbb9404c2e7f770857be57e7be35e
Home page URL: Security reports for YITH WooCommerce Ajax Product Filter
Application: YITH WooCommerce Ajax Product Filter
Date: Jun 22, 2020
Research Description: YITH WooCommerce Ajax Product Filter [yith-woocommerce-ajax-navigation] < 3.11.1 WordPress YITH WooCommerce Ajax Product Filter plugin <= 3.11.0 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability Authenticated Reflected Cross-Site Scripting (XSS) vulnerability found by John Castro in WordPress YITH WooCommerce Ajax Product Filter plugin (versions <= 3.11.0).
Affected versions: max 3.11.1.
Status: vulnerable