cleantalk
Vulnerabilities and Security Researches

YITH PayPal Express Checkout for WooCommerce, CVE-2019-16251

CVE, Research URL

CVE-2019-16251

Home page URL

Security reports for YITH PayPal Express Checkout for WooCommerce

Application

YITH PayPal Express Checkout for WooCommerce

Published on
Oct 31, 2019
Research Description
plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.
Affected versions
Min -, max 1.20.1.
Status
vulnerable
Previous vulnerability researches
PayPal Express Checkout (CVE-2025-46499) , Apr 26, 2025
YITH PayPal Express Checkout for WooCommerce (CVE-2019-16251) , Jun 07, 2024
WooCommerce PayPal Checkout Payment Gateway (CVE-2019-7441) , Jun 07, 2024
WooCommerce PayPal Checkout Payment Gateway (CVE-2019-14979) , Jun 07, 2024
New vulnerability
WS Form LITE – Drag & Drop Contact Form Builder for WordPress (CVE-2025-3912) , Apr 28, 2025
Upsell Order Bump Offer for WooCommerce – Increase Sales and AOV, Upsell & Cross-sell Offers on Checkout Page (CVE-2025-3743) , Apr 28, 2025
ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes (CVE-2025-3280) , Apr 28, 2025
FuseDesk (CVE-2025-3832) , Apr 27, 2025
Create custom forms for WordPress with a smart form plugin for smart businesses – Form builder for WordPress (CVE-2025-2801) , Apr 27, 2025