Vulnerabilidades en WPClever
33 resultadosCVE-2026-48883HIGHWordPress WPC Product Bundles for WooCommerce plugin <= 8.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-52127MEDIUMWordPress WPC Product Bundles for WooCommerce Plugin <= 7.3.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-8618MEDIUMWPC Smart Quick View for WooCommerce <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via woosq_btn ShortcodeEPSS 0.2%CVE-2025-11518MEDIUMWPC Smart Wishlist for WooCommerce <= 5.0.3 - Insecure Direct Object Reference to Unauthenticated Wishlist ManipulationEPSS 0.2%CVE-2025-5530MEDIUMWPC Smart Compare for WooCommerce <= 6.4.6 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-14767MEDIUMWPC Badge Management for WooCommerce <= 3.1.6 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'text' AttributeEPSS 0.2%CVE-2026-32406MEDIUMWordPress WPC Product Bundles for WooCommerce plugin <= 8.4.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-12004MEDIUMWPC Order Notes for WooCommerce <= 1.5.2 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2025-7496MEDIUMWPC Smart Compare for WooCommerce <= 6.4.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-32407MEDIUMWordPress WPC Smart Wishlist for WooCommerce plugin <= 5.0.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62903MEDIUMWordPress WPC Smart Messages for WooCommerce plugin <= 4.2.8 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-6725MEDIUMWPC Smart Messages for WooCommerce <= 4.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode AttributeEPSS 0.2%CVE-2025-49908MEDIUMWordPress WPC Countdown Timer for WooCommerce plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%