CVE-2026-42383
HIGH NVDCVSS Score
7.6
Severity
HIGH
Source
NVD
Published
May 20, 2026
Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Blind SQL Injection. This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.29.0.