YITHEMES 厂商漏洞列表 / CVE 中文分析 24

YITHEMES 厂商相关 24 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

YITHEMES 是一家专注于WordPress主题与插件开发的厂商，致力于提供企业级网站解决方案。其产品线历史漏洞多集中于跨站脚本（XSS）、远程代码执行（RCE）及未授权访问等高危类型，主要源于输入验证缺失或权限控制疏忽。截至最新统计，该厂商已收录24条CVE，反映出代码审计机制存在改进空间。建议用户及时更新组件，并严格遵循最小权限原则以规避潜在风险。

Top products by YITHEMES: YITH WooCommerce Product Add-Ons YITH WooCommerce Wishlist YITH WooCommerce Compare YITH WooCommerce Ajax Search YITH Custom Login YITH WooCommerce Gift Cards YITH WooCommerce Tab Manager YITH Essential Kit for WooCommerce #1 YITH WooCommerce Ajax Product Filter YITH PayPal Express Checkout for WooCommerce YITH WooCommerce Popup YITH WooCommerce Quick View YITH Slider for page builders YITH WooCommerce Request A Quote

CVEs 24

CVE ID	标题	CVSS	风险等级	Published
CVE-2026-22333	WordPress plugin YITH WooCommerce Compare 代码问题漏洞 — YITH WooCommerce CompareCWE-502	7.2	High	2026-02-19
CVE-2026-24366	WordPress plugin YITH WooCommerce Request A Quote 安全漏洞 — YITH WooCommerce Request A QuoteCWE-862	5.3	Medium	2026-01-22
CVE-2025-68581	WordPress plugin YITH Slider for page builders 安全漏洞 — YITH Slider for page buildersCWE-862	5.4	Medium	2025-12-24
CVE-2025-8617	WordPress plugin YITH WooCommerce Quick View 跨站脚本漏洞 — YITH WooCommerce Quick ViewCWE-79	6.4	Medium	2025-12-13
CVE-2025-12427	WordPress plugin YITH WooCommerce Wishlist 安全漏洞 — YITH WooCommerce WishlistCWE-639	5.3	Medium	2025-11-19
CVE-2025-12777	WordPress plugin YITH WooCommerce Wishlist 授权问题漏洞 — YITH WooCommerce WishlistCWE-285	5.3	Medium	2025-11-19
CVE-2025-54675	WordPress plugin YITH WooCommerce Popup 跨站请求伪造漏洞 — YITH WooCommerce PopupCWE-352	4.3	Medium	2025-08-14
CVE-2025-48111	WordPress plugin YITH PayPal Express Checkout for WooCommerce 跨站请求伪造漏洞 — YITH PayPal Express Checkout for WooCommerceCWE-352	4.3	Medium	2025-06-17
CVE-2025-5238	WordPress plugin YITH WooCommerce Wishlist 跨站脚本漏洞 — YITH WooCommerce WishlistCWE-79	6.4	Medium	2025-06-14
CVE-2023-46635	WordPress plugin YITH WooCommerce Product Add-Ons 安全漏洞 — YITH WooCommerce Product Add-OnsCWE-862	5.3	Medium	2025-01-02
CVE-2024-50448	WordPress plugin YITH WooCommerce Product Add-Ons 跨站脚本漏洞 — YITH WooCommerce Product Add-OnsCWE-79	7.1	High	2024-10-28
CVE-2024-47350	WordPress plugin YITH WooCommerce Ajax Search SQL注入漏洞 — YITH WooCommerce Ajax SearchCWE-89	9.3	Critical	2024-10-06
CVE-2024-47367	WordPress plugin YITH WooCommerce Product Add-Ons 跨站脚本漏洞 — YITH WooCommerce Product Add-OnsCWE-79	7.1	High	2024-10-06
CVE-2024-8665	WordPress plugin YITH Custom Login 跨站脚本漏洞 — YITH Custom LoginCWE-79	6.1	Medium	2024-09-13
CVE-2024-37943	WordPress plugin YITH WooCommerce Ajax Product Filter 跨站脚本漏洞 — YITH WooCommerce Ajax Product FilterCWE-79	5.8	Medium	2024-07-20
CVE-2024-6799	WordPress plugin YITH Essential Kit for WooCommerce 安全漏洞 — YITH Essential Kit for WooCommerce #1CWE-862	4.3	Medium	2024-07-19
CVE-2024-35680	WordPress plugin YITH WooCommerce Product Add-Ons 注入漏洞 — YITH WooCommerce Product Add-OnsCWE-80	5.3	Medium	2024-06-10
CVE-2024-35698	WordPress plugin YITH WooCommerce Tab Manager 跨站脚本漏洞 — YITH WooCommerce Tab ManagerCWE-79	5.9	Medium	2024-06-08
CVE-2024-35732	WordPress plugin YITH Custom Login 跨站脚本漏洞 — YITH Custom LoginCWE-79	5.9	Medium	2024-06-08
CVE-2024-34385	WordPress plugin YITH WooCommerce Wishlist 跨站脚本漏洞 — YITH WooCommerce WishlistCWE-79	5.9	Medium	2024-06-03
CVE-2024-4455	WordPress plugin YITH WooCommerce Ajax Search 安全漏洞 — YITH WooCommerce Ajax SearchCWE-79	7.2	High	2024-05-24
CVE-2024-0870	WordPress plugin YITH WooCommerce Gift Cards 安全漏洞 — YITH WooCommerce Gift CardsCWE-285	5.3	Medium	2024-05-14
CVE-2024-32699	WordPress plugin YITH WooCommerce Compare 跨站请求伪造漏洞 — YITH WooCommerce CompareCWE-352	4.3	Medium	2024-04-24
CVE-2024-27994	WordPress Plugin YITH WooCommerce Product Add-Ons 跨站脚本漏洞 — YITH WooCommerce Product Add-OnsCWE-79	7.1	High	2024-03-21

本页汇总了 YITHEMES 厂商截至目前公开的全部 24 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

YITHEMES 厂商漏洞列表 / CVE 中文分析 24

目标达成感谢每一位支持者 — 我们达成了 100% 目标！