Vulnerabilidades en Themeisle

98 resultados

CVE-2024-7424MEDIUMMultiple Page Generator Plugin – MPG <= 4.0.1 - Missing AuthorizationEPSS 0.3%CVE-2024-3344MEDIUMOtter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.8 - Authenticated (Author+) Limited File Upload to Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-2892HIGHOtter Blocks <= 3.1.4 - Improper Authorization to Unauthenticated Purchase Verification Bypass via Forged CookieEPSS 0.3%CVE-2025-9322HIGHStripe Payment Forms <= 8.3.1 - Unauthenticated SQL InjectionEPSS 0.3%CVE-2023-6801MEDIUMRSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 4.3.2 - Authenticated (Author+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-25366CRITICALWordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerabilityEPSS 0.3%CVE-2024-7778MEDIUMOrbit Fox by ThemeIsle <= 2.10.36 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File UploadEPSS 0.3%CVE-2026-8976MEDIUMRSS Aggregator by Feedzy <= 5.1.7 - Missing Authorization to Authenticated (Contributor+) Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure via Multiple AJAX Sub-ActionsEPSS 0.3%CVE-2025-13794MEDIUMAuto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail ModificationEPSS 0.3%CVE-2023-6798MEDIUMRSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 4.3.2 - Missing AuthorizationEPSS 0.3%CVE-2025-9562MEDIUMRedirection for Contact Form 7 <= 3.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via qs_date ShortcodeEPSS 0.3%CVE-2025-53209CRITICALWordPress Masteriyo LMS PRO plugin <= 2.20.0 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-11128MEDIUMFeedzy RSS Feeds Lite <= 5.1.0 - Authenticated (Subscriber+) Server-Side Request ForgeryEPSS 0.3%CVE-2025-53986MEDIUMWordPress Hestia theme <= 3.2.10 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-7073MEDIUMAuto Featured Image (Auto Post Thumbnail) <= 4.1.7 - Authenticated (Author+) Server-Side Request ForgeryEPSS 0.3%CVE-2022-47143MEDIUMWordPress Multiple Page Generator Plugin – MPG Plugin <= 3.3.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-22659MEDIUMWordPress Orbit Fox by ThemeIsle plugin <= 2.10.44 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2025-1065MEDIUMVisualizer: Tables and Charts Manager for WordPress <= 3.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Import Data From FileEPSS 0.3%CVE-2025-12483MEDIUMVisualizer: Tables and Charts Manager for WordPress <= 3.11.12 - Authenticated (Contributor+) SQL InjectionEPSS 0.2%CVE-2026-42749HIGHWordPress Disable Comments for Any Post Types (Remove comments) plugin <= 1.3.0 - Broken Authentication vulnerabilityEPSS 0.2%

← anteriorpágina 4 / 5siguiente →