yaycommerce

Top products

The 15 most recently published vulnerabilities affecting yaycommerce.

• CVE-2026-39496WordPress YayMail plugin <= 4.3.3 - SQL Injection vulnerability7.6Apr 8, 2026
• CVE-2025-67994WordPress YayCurrency plugin <= 3.3 - Arbitrary Content Deletion vulnerability7.5Feb 20, 2026
• CVE-2026-27327WordPress YayMail – WooCommerce Email Customizer plugin <= 4.3.2 - Broken Access Control vulnerability4.3Feb 19, 2026
• CVE-2026-1831YayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) Plugin Installation and Activation2.7Feb 18, 2026
• CVE-2026-1938YayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) License Key Deletion via '/yaymail-license/v1/license/delete' Endpoint5.3Feb 18, 2026
• CVE-2026-1943YayMail <= 4.3.2 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via Template Elements4.4Feb 18, 2026
• CVE-2026-1937YayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) Arbitrary Options Update via 'yaymail_import_state' AJAX Action9.8Feb 18, 2026
• CVE-2025-60077WordPress YayPricing plugin <= 3.5.3 - Broken Access Control vulnerability7.5Dec 18, 2025
• CVE-2025-60114WordPress YayCurrency plugin <= 3.3.1 - Remote Code Execution (RCE) vulnerability6.6Sep 26, 2025
• CVE-2025-48161WordPress YaySMTP plugin <= 1.3 - SQL Injection Vulnerability7.6Jul 16, 2025
• CVE-2025-48299WordPress YayExtra plugin <= 1.5.5 - SQL Injection Vulnerability7.6Jul 16, 2025
• CVE-2025-48301WordPress SMTP for SendGrid – YaySMTP plugin <= 1.5 - SQL Injection Vulnerability7.6Jul 16, 2025
• CVE-2025-54043WordPress SMTP for Amazon SES plugin <= 1.9 - SQL Injection Vulnerability7.6Jul 16, 2025
• CVE-2025-53256WordPress YaySMTP plugin <= 2.6.6 - SQL Injection Vulnerability7.6Jun 27, 2025
• CVE-2025-47587WordPress YaySMTP plugin <= 2.6.4 - SQL Injection Vulnerability7.6May 7, 2025