Vulnerabilidades em smub
91 resultadosCVE-2024-6210MEDIUMDuplicator <= 1.5.9 - Full Path DisclosureEPSS 0.6%CVE-2024-6694LOWWP Mail SMTP <= 4.0.1 - Authenticated (Admin+) SMTP Password ExposureEPSS 0.6%CVE-2024-13453HIGHContact Form & SMTP Plugin for WordPress by PirateForms <= 2.6.0 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.5%CVE-2026-6177HIGHCustom Twitter Feeds <= 2.5.4 - Unauthenticated Stored Cross-Site Scripting via Cached Tweet TextEPSS 0.5%CVE-2023-5049MEDIUMGiveaways and Contests by RafflePress <= 1.12.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.5%CVE-2023-4841MEDIUMFeeds for YouTube <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.5%CVE-2024-3554MEDIUMAll in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.5%CVE-2026-1463HIGHPhoto Gallery, Sliders, Proofing and Themes – NextGEN Gallery <= 4.0.4 - Authenticated (Author+) Local File InclusionEPSS 0.5%CVE-2024-10878MEDIUMSugar Calendar (Lite) <= 3.3.0 - Reflected Cross-Site ScriptingEPSS 0.4%CVE-2024-0903MEDIUMUser Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds <= 1.0.13 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-1447MEDIUMSydney Toolbox <= 1.25 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-6256MEDIUMFeeds for YouTube (YouTube video, channel, and gallery plugin) <= 2.2.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-5020MEDIUMMultiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript LibraryEPSS 0.4%CVE-2023-6742MEDIUMEnvira Gallery Lite <= 1.8.7.2 - Missing Authorization to Gallery Modification via envira_gallery_insert_imagesEPSS 0.4%CVE-2024-8199MEDIUMReviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Settings UpdateEPSS 0.4%CVE-2024-0659MEDIUMEasy Digital Downloads <= 3.2.6 - Authenticated(Shop Manager+) Stored Cross-Site Scripting via variable pricing optionsEPSS 0.4%CVE-2024-5902HIGHUserFeedback Lite <= 1.0.15 - Unauthenticated Stored Cross-Site Scripting via Name ParameterEPSS 0.4%CVE-2024-3208MEDIUMSydney Toolbox <= 1.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable GalleryEPSS 0.4%CVE-2026-2471HIGHWP Mail Logging <= 1.15.0 - Unauthenticated PHP Object Injection via Email Log Message FieldEPSS 0.4%CVE-2026-1993HIGHExactMetrics 7.1.0 - 9.0.2 - Authenticated (Custom) Improper Privilege Management to Role Privilege Escalation via Settings UpdateEPSS 0.4%