Vulnerabilities and security researches foryith-woocommerce-waiting-list yith-woocommerce-waiting-list

Jun 07, 2024

CVE, Research URL: CVE-2019-16251
Home page URL: Security reports for YITH WooCommerce Waitlist
Application: YITH WooCommerce Waitlist
Date: Oct 31, 2019
Research Description: plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.
Affected versions: max 1.21.1.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-36506
Home page URL: Security reports for YITH WooCommerce Waitlist
Application: YITH WooCommerce Waitlist
Date: Dec 13, 2024
Research Description: Missing Authorization vulnerability in YITH YITH WooCommerce Waiting List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Waiting List: from n/a through 2.13.0.
Affected versions: max 2.6.1.
Status: vulnerable