Filtered by vendor Yikesinc
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-43463 | 1 Yikesinc | 1 Custom Product Tabs For Woocommerce | 2022-11-20 | N/A | 4.8 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Custom Product Tabs for WooCommerce plugin <= 1.7.9 on WordPress. | |||||
| CVE-2022-28666 | 1 Yikesinc | 1 Custom Product Tabs For Woocommerce | 2022-07-27 | N/A | 5.3 MEDIUM |
| Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin <= 1.7.7 at WordPress leading to &yikes-the-content-toggle option update. | |||||
| CVE-2021-24985 | 1 Yikesinc | 1 Easy Forms For Mailchimp | 2022-01-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Easy Forms for Mailchimp WordPress plugin before 6.8.6 does not sanitise and escape the field_name and field_type parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues | |||||
| CVE-2019-15318 | 1 Yikesinc | 1 Easy Forms For Mailchimp | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field. | |||||