Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total1

Critical0

High0

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-1 of 1 records

Threat Entry Updated 2024-11-21

CVE-2024-6799 - Yith Essential Kit For Woocommerce Plugin

The YITH Essential Kit for WooCommerce #1 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'activate_module', 'deactivate_module', and 'install_module' functions in all versions up to, and including, 2.34.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install, activate, and deactivate plugins from a pre-defined list of available YITH plugins.

PLUGIN Yith Essential Kit For Woocommerce

CVE-2024-6799

MEDIUM CVSS 4.3 2024-07-19

Risk Score

Open Full Technical Breakdown

Scroll to top

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-6799 - Yith Essential Kit For Woocommerce Plugin

Company Links

Contact Us