CVE-2019-16251

EPSS 0.51%
Veröffentlicht 31.10.2019 17:15:10
Zuletzt bearbeitet 21.11.2024 04:30:23
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

YIT Plugin Framework <= 3.3.8 - Authenticated Settings Change

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes.

Mögliche Gegenmaßnahme

YITH Advanced Refund System for WooCommerce: Update to version 1.0.12, or a newer patched version

YITH Color and Label Variations for WooCommerce: Update to version 1.8.13, or a newer patched version

YITH Custom Thank You Page for WooCommerce: Update to version 1.1.8, or a newer patched version

YITH Desktop Notifications for WooCommerce: Update to version 1.2.8, or a newer patched version

YITH PayPal Express Checkout for WooCommerce: Update to version 1.2.6, or a newer patched version

YITH Pre-Order for WooCommerce: Update to version 1.2.1, or a newer patched version

YITH Product Size Charts for WooCommerce: Update to version 1.1.13, or a newer patched version

YITH WooCommerce Added to Cart Popup: Update to version 1.3.13, or a newer patched version

YITH WooCommerce Advanced Reviews: Update to version 1.4.0, or a newer patched version

YITH WooCommerce Affiliates: Update to version 1.6.3, or a newer patched version

YITH WooCommerce Ajax Search: Update to version 1.7.1, or a newer patched version

YITH WooCommerce Authorize.net Payment Gateway: Update to version 1.1.13, or a newer patched version

YITH WooCommerce Badge Management: Update to version 1.3.20, or a newer patched version

YITH WooCommerce Best Sellers: Update to version 1.1.13, or a newer patched version

YITH WooCommerce Brands Add-On: Update to version 1.3.7, or a newer patched version

YITH WooCommerce Bulk Product Editing: Update to version 1.2.14, or a newer patched version

YITH WooCommerce Cart Messages: Update to version 1.4.5, or a newer patched version

YITH WooCommerce Compare: Update to version 2.3.15, or a newer patched version

YITH Frequently Bought Together for WooCommerce: Update to version 1.2.11, or a newer patched version

YITH WooCommerce Gift Cards: Update to version 1.3.8, or a newer patched version

YITH WooCommerce Mailchimp: Update to version 2.1.4, or a newer patched version

YITH WooCommerce Multi-step Checkout: Update to version 1.7.5, or a newer patched version

YITH WooCommerce Order & Shipment Tracking: Update to version 1.2.11, or a newer patched version

YITH WooCommerce PDF Invoice and Shipping List: Update to version 1.2.13, or a newer patched version

YITH WooCommerce Points and Rewards: Update to version 1.3.6, or a newer patched version

YITH WooCommerce Product Add-Ons: Update to version 1.5.23, or a newer patched version

YITH WooCommerce Product Bundles: Update to version 1.1.17, or a newer patched version

YITH WooCommerce Multi Vendor: Update to version 3.4.1, or a newer patched version

YITH WooCommerce Questions and Answers: Update to version 1.2.0, or a newer patched version

YITH WooCommerce Quick View: Update to version 1.3.15, or a newer patched version

YITH WooCommerce Recover Abandoned Cart: Update to version 1.3.4, or a newer patched version

YITH Request a Quote for WooCommerce: Update to version 1.4.9, or a newer patched version

YITH WooCommerce Social Login: Update to version 1.3.6, or a newer patched version

YITH WooCommerce Stripe: Update to version 2.0.2, or a newer patched version

YITH WooCommerce Subscription: Update to version 1.3.6, or a newer patched version

YITH WooCommerce Waitlist: Update to version 1.3.11, or a newer patched version

YITH WooCommerce Wishlist: Update to version 2.2.14, or a newer patched version

YITH WooCommerce Product Gallery & Image Zoom: Update to version 1.3.12, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 6

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt YITH Advanced Refund System for WooCommerce

Version * - 1.0.10

SystemWordPress Plugin

≫

Produkt YITH Color and Label Variations for WooCommerce

Version * - 1.8.11

SystemWordPress Plugin

≫

Produkt YITH Custom Thank You Page for WooCommerce

Version * - 1.1.6

SystemWordPress Plugin

≫

Produkt YITH Desktop Notifications for WooCommerce

Version * - 1.2.7

SystemWordPress Plugin

≫

Produkt YITH PayPal Express Checkout for WooCommerce

Version * - 1.2.5

SystemWordPress Plugin

≫

Produkt YITH Pre-Order for WooCommerce

Version * - 1.1.9

SystemWordPress Plugin

≫

Produkt YITH Product Size Charts for WooCommerce

Version * - 1.1.1

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Added to Cart Popup

Version * - 1.3.11

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Advanced Reviews

Version * - 1.3.9

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Affiliates

Version [*, 1.6.3)

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Ajax Search

Version * - 1.6.9

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Authorize.net Payment Gateway

Version * - 1.1.12

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Badge Management

Version * - 1.3.19

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Best Sellers

Version * - 1.1.11

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Brands Add-On

Version * - 1.3.6

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Bulk Product Editing

Version * - 1.2.13

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Cart Messages

Version * - 1.4.3

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Compare

Version * - 2.3.13

SystemWordPress Plugin

≫

Produkt YITH Frequently Bought Together for WooCommerce

Version * - 1.2.10

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Gift Cards

Version * - 1.3.7

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Mailchimp

Version * - 2.1.3

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Multi-step Checkout

Version * - 1.7.4

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Order & Shipment Tracking

Version * - 1.2.10

SystemWordPress Plugin

≫

Produkt YITH WooCommerce PDF Invoice and Shipping List

Version * - 1.2.12

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Points and Rewards

Version * - 1.3.4

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Product Add-Ons

Version * - 1.5.21

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Product Bundles

Version * - 1.1.15

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Multi Vendor

Version * - 3.4.0

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Questions and Answers

Version * - 1.1.9

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Quick View

Version * - 1.3.13

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Recover Abandoned Cart

Version * - 1.3.2

SystemWordPress Plugin

≫

Produkt YITH Request a Quote for WooCommerce

Version * - 1.4.7

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Social Login

Version * - 1.3.4

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Stripe

Version * - 2.0.1

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Subscription

Version * - 1.3.4

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Waitlist

Version * - 1.3.9

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Wishlist

Version * - 2.2.13

SystemWordPress Plugin

≫

Produkt YITH WooCommerce Product Gallery & Image Zoom

Version * - 1.3.11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Yithemes ≫ Yith Woocommerce Wishlist SwPlatformwordpress Version <= 2.2.13

Yithemes ≫ Yith Woocommerce Compare SwPlatformwordpress Version <= 2.3.13

Yithemes ≫ Yith Woocommerce Quick View SwPlatformwordpress Version <= 1.3.13

Yithemes ≫ Yith Woocommerce Zoom Magnifier SwPlatformwordpress Version <= 1.3.11

Yithemes ≫ Yith Woocommerce Ajax Search SwPlatformwordpress Version <= 1.6.9

Yithemes ≫ Yith Woocommerce Badge Management SwPlatformwordpress Version <= 1.3.19

Yithemes ≫ Yith Woocommerce Brands Add-on SwPlatformwordpress Version <= 1.3.6

Yithemes ≫ Yith Woocommerce Request A Quote SwPlatformwordpress Version <= 1.4.7

Yithemes ≫ Yith Woocommerce Social Login SwPlatformwordpress Version <= 1.3.4

Yithemes ≫ Yith Woocommerce Order Tracking SwPlatformwordpress Version <= 1.2.10

Yithemes ≫ Yith Woocommerce Pdf Invoice And Shipping List SwPlatformwordpress Version <= 1.2.12

Yithemes ≫ Yith Pre-order For Woocommerce SwPlatformwordpress Version <= 1.1.9

Yithemes ≫ Yith Woocommerce Advanced Reviews SwPlatformwordpress Version <= 1.3.9

Yithemes ≫ Yith Woocommerce Product Add-ons SwPlatformwordpress Version <= 1.5.21

Yithemes ≫ Yith Woocommerce Gift Cards SwPlatformwordpress Version <= 1.3.7

Yithemes ≫ Yith Woocommerce Subscription SwPlatformwordpress Version <= 1.3.4

Yithemes ≫ Yith Woocommerce Affiliates SwPlatformwordpress Version <= 1.6.3

Yithemes ≫ Yith Woocommerce Cart Messages SwPlatformwordpress Version <= 1.4.3

Yithemes ≫ Yith Woocommerce Product Bundles SwPlatformwordpress Version <= 1.1.15

Yithemes ≫ Yith Woocommerce Frequently Bought Together SwPlatformwordpress Version <= 1.2.10

Yithemes ≫ Yith Woocommerce Multi-step Checkout SwPlatformwordpress Version <= 1.7.4

Yithemes ≫ Yith Color And Label Variations For Woocommerce SwPlatformwordpress Version <= 1.8.11

Yithemes ≫ Yith Custom Thank You Page For Woocommerce SwPlatformwordpress Version <= 1.1.6

Yithemes ≫ Yith Product Size Charts For Woocommerce SwPlatformwordpress Version <= 1.1.1

Yithemes ≫ Yith Woocommerce Added To Cart Popup SwPlatformwordpress Version <= 1.3.11

Yithemes ≫ Yith Woocommerce Bulk Product Editing SwPlatformwordpress Version <= 1.2.13

Yithemes ≫ Yith Woocommerce Stripe SwPlatformwordpress Version <= 2.0.1

Yithemes ≫ Yith Woocommerce Waiting List SwPlatformwordpress Version <= 1.3.9

Yithemes ≫ Yith Woocommerce Points And Rewards SwPlatformwordpress Version <= 1.3.4

Yithemes ≫ Yith Advanced Refund System For Woocommerce SwPlatformwordpress Version <= 1.0.10

Yithemes ≫ Yith Woocommerce Authorize.Net Payment Gateway SwPlatformwordpress Version <= 1.1.12

Yithemes ≫ Yith Woocommerce Best Sellers SwPlatformwordpress Version <= 1.1.11

Yithemes ≫ Yith Woocommerce Mailchimp SwPlatformwordpress Version <= 2.1.3

Yithemes ≫ Yith Woocommerce Multi Vendor SwPlatformwordpress Version <= 3.4.0

Yithemes ≫ Yith Woocommerce Questions And Answers SwPlatformwordpress Version <= 1.1.9

Yithemes ≫ Yith Woocommerce Recover Abandoned Cart SwPlatformwordpress Version <= 1.3.2

Yithemes ≫ Yith Paypal Express Checkout For Woocommerce SwPlatformwordpress Version <= 1.2.5

Yithemes ≫ Yith Desktop Notifications For Woocommerce SwPlatformwordpress Version <= 1.2.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.51%	0.654

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:P/A:N

https://blog.nintechnet.com/authenticated-settings-change-vulnerability-in-yit-plugin-framework/

Third Party Advisory

https://wpvulndb.com/vulnerabilities/9932

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/3b34a0c6-3573-48c7-8edb-c9cf9503da06

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-16251

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-16251

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-16251

EUVD