TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2019-16251

MEDIUM
4.3

Beschreibung

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.

CVE Details

CVSS v3.1 Bewertung4.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht10/31/2019
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

yithemes:yith_advanced_refund_system_for_woocommerceyithemes:yith_color_and_label_variations_for_woocommerceyithemes:yith_custom_thank_you_page_for_woocommerceyithemes:yith_desktop_notifications_for_woocommerceyithemes:yith_paypal_express_checkout_for_woocommerceyithemes:yith_pre-order_for_woocommerceyithemes:yith_product_size_charts_for_woocommerceyithemes:yith_woocommerce_added_to_cart_popupyithemes:yith_woocommerce_advanced_reviewsyithemes:yith_woocommerce_affiliatesyithemes:yith_woocommerce_ajax_searchyithemes:yith_woocommerce_authorize.net_payment_gatewayyithemes:yith_woocommerce_badge_managementyithemes:yith_woocommerce_best_sellersyithemes:yith_woocommerce_brands_add-onyithemes:yith_woocommerce_bulk_product_editingyithemes:yith_woocommerce_cart_messagesyithemes:yith_woocommerce_compareyithemes:yith_woocommerce_frequently_bought_togetheryithemes:yith_woocommerce_gift_cardsyithemes:yith_woocommerce_mailchimpyithemes:yith_woocommerce_multi-step_checkoutyithemes:yith_woocommerce_multi_vendoryithemes:yith_woocommerce_order_trackingyithemes:yith_woocommerce_pdf_invoice_and_shipping_listyithemes:yith_woocommerce_points_and_rewardsyithemes:yith_woocommerce_product_add-onsyithemes:yith_woocommerce_product_bundlesyithemes:yith_woocommerce_questions_and_answersyithemes:yith_woocommerce_quick_viewyithemes:yith_woocommerce_recover_abandoned_cartyithemes:yith_woocommerce_request_a_quoteyithemes:yith_woocommerce_social_loginyithemes:yith_woocommerce_stripeyithemes:yith_woocommerce_subscriptionyithemes:yith_woocommerce_waiting_listyithemes:yith_woocommerce_wishlistyithemes:yith_woocommerce_zoom_magnifier

Referenzen

https://blog.nintechnet.com/authenticated-settings-change-vulnerability-in-yit-plugin-framework/(cve@mitre.org)
https://wpvulndb.com/vulnerabilities/9932(cve@mitre.org)
https://blog.nintechnet.com/authenticated-settings-change-vulnerability-in-yit-plugin-framework/(af854a3a-2127-422b-91ae-364da2661108)
https://wpvulndb.com/vulnerabilities/9932(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.