SQLi Vulnerability in YITH WooCommerce Wishlist

SQLi Vulnerability in YITH WooCommerce Wishlist

As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the YITH WooCommerce Wishlist plugin for WordPress. This plugin allows visitors and potential customers to make wish lists containing products in the WooCommerce store, and is currently installed on 500,000+ websites.

Are You at Risk?

This vulnerability is caused by the lack of sanitization of user provided data in versions below 2.2.0.

Continue reading SQLi Vulnerability in YITH WooCommerce Wishlist at Sucuri Blog.

Facebooktwittergoogle_plusredditlinkedintumblrmail
No Comments

Sorry, the comment form is closed at this time.

Top

Fresh View Partners