Yithemes YITH WooCommerce Ajax Search for WordPress
Approved changes feed: RSS · Atom
cpe:2.3:a:yithemes:yith_woocommerce_ajax_search:-:*:*:*:*:wordpress:*:*
part: a version: - update: *
| Vendor | Yithemes (3d8b3521-99a5-5f4f-9825-4a1663e47e91) |
|---|---|
| Product | Yith Woocommerce Ajax Search (55d2e611-eb08-5500-98ad-45ca80c0ac3a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/wp-plugins/yith-woocommerce-ajax-search |
purl2cpe | 2026-06-01 10:12:08.814394 |
pkg:github/wpplugins/yith-woocommerce-ajax-search |
purl2cpe | 2026-06-01 10:12:08.814395 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-7846 |
vulnerable | 2026-06-03 14:58:07.375781 |
YITH WooCommerce Ajax Search < 2.7.1 - Contributor+ Stored XSS
YITH WooCommerce Ajax Search is vulnerable to a XSS vulnerability due to insufficient sanitization of user supplied block attributes. This makes it possible for Contributors+ attackers to inject arbitrary scripts.
Published: 2024-09-23T06:00:01.607Z
Updated: 2024-09-23T15:27:52.329Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-47350 |
vulnerable | 2026-06-03 14:57:01.086075 |
WordPress YITH WooCommerce Ajax Search plugin <= 2.8.0 - SQL Injection vulnerability
CRITICAL (9.3)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITHEMES YITH WooCommerce Ajax Search yith-woocommerce-ajax-search.This issue affects YITH WooCommerce Ajax Search: from n/a through <= 2.8.0.
Published: 2024-10-06T12:55:16.832Z
Updated: 2026-04-28T16:10:19.221Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.