Vulnerabilidades em ays-pro
38 resultadosCVE-2025-14442MEDIUMSecure Copy Content Protection and Content Locking <= 4.9.2 - Unauthenticated Sensitive Information Exposure via Exposed CSV Export FileEPSS 0.3%CVE-2025-12620MEDIUMPoll Maker – Versus Polls, Anonymous Polls, Image Polls <= 6.0.7 - Authenticated (Administrator+) SQL Injection via `filterbyauthor` ParameterEPSS 0.3%CVE-2024-8488MEDIUMSurvey Maker – Customer Satisfaction Questionnaire, Chat Survey, Calculation Form, Payment Forms <= 4.9.7 - Authenticated (Admin+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-1320HIGHSecure Copy Content Protection and Content Locking <= 4.9.8 - Unauthenticated Stored Cross-Site Scripting via X-Forwarded-For HeaderEPSS 0.3%CVE-2024-12575MEDIUMPoll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.8.9 - Unauthenticated Basic Information ExposureEPSS 0.3%CVE-2025-13381MEDIUMAI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.0 - Missing Authorization to Unauthenticated Media File UploadsEPSS 0.2%CVE-2025-13378MEDIUMAI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.0 - Unauthenticated Server-Side Request Forgery via 'pinecone_url' ParameterEPSS 0.2%CVE-2024-13505MEDIUMSurvey Maker <= 5.1.3.3 - Authenticated (Admin+) Stored Cross-Site Scripting via Survey QuestionEPSS 0.2%CVE-2026-6817MEDIUMQuiz Maker by AYS <= 6.7.1.29 - Unauthenticated Stored Cross-Site Scripting via 'rate_reason'EPSS 0.2%CVE-2026-2384MEDIUMQuiz Maker <= 6.7.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.2%CVE-2025-12891MEDIUMSurvey Maker <= 5.1.9.4 - Missing Authorization to Unauthenticated Information ExposureEPSS 0.2%CVE-2025-12892MEDIUMSurvey Maker <= 5.1.9.4 - Missing Authorization to Unauthenticated Limited Option UpdateEPSS 0.2%CVE-2026-2367MEDIUMSecure Copy Content Protection and Content Locking <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode AttributeEPSS 0.2%CVE-2026-1165MEDIUMPopup Box <= 6.1.1 - Cross-Site Request Forgery to Popup Status ChangeEPSS 0.2%CVE-2024-12115MEDIUMPoll Maker <= 5.5.4 - Cross-Site Request Forgery to Poll DuplicationEPSS 0.1%CVE-2025-14159MEDIUMSecure Copy Content Protection and Content Locking <= 4.9.2 - Cross-Site Request Forgery to Data ExportEPSS 0.1%CVE-2025-13685MEDIUMPhoto Gallery by Ays <= 6.4.8 - Cross-Site Request Forgery to Bulk ActionsEPSS 0.1%CVE-2025-14454MEDIUMImage Slider by Ays- Responsive Slider and Carousel <= 2.7.0 - Cross-Site Request Forgery to Arbitrary Slider DeletionEPSS 0.1%