Vulnerabilidades em stellarwp

117 resultados

CVE-2025-2025MEDIUMGive <= 3.22.0 - Missing Authorization to Unauthenticated Arbitrary Earning Reports Disclosure via give_reports_earnings FunctionEPSS 0.6%CVE-2024-4034MEDIUMVirtue <= 3.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post AuthorEPSS 0.6%CVE-2023-6557MEDIUMThe Events Calendar <= 6.2.8.2 - Unauthenticated Sensitive Information ExposureEPSS 0.6%CVE-2024-1541MEDIUMGutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.23 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.5%CVE-2024-1999MEDIUMGutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.25 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonial WidgetEPSS 0.5%CVE-2024-23500HIGHWordPress Kadence Blocks plugin <= 3.2.19 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.5%CVE-2025-8620MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 4.6.0 - Unauthenticated Donor Data ExposureEPSS 0.5%CVE-2025-39557CRITICALWordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-4863MEDIUMGutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.38 - Authenticated (Contributor+) Stored Cross-Site Scripting via titleFont ParameterEPSS 0.5%CVE-2024-5939MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Limited Information ExposureEPSS 0.5%CVE-2024-5940MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Unauthenticated Event Settings UpdateEPSS 0.5%CVE-2024-12581MEDIUMKadence Blocks <= 3.2.53 - Authenticated (Admin+) Stored Cross-Site ScriptingEPSS 0.5%CVE-2024-5648MEDIUMLearnDash LMS - Reports Free <= 1.8.2.1 - Missing Authorization to Plugin Settings UpdateEPSS 0.5%CVE-2024-4209MEDIUMGutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown TimerEPSS 0.4%CVE-2024-5977MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Insecure Direct Object Reference to Authenticated (GiveWP Worker+) Arbitrary Post ActionsEPSS 0.4%CVE-2024-1424MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.5.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2024-11090MEDIUMMembership Plugin – Restrict Content <= 3.2.13 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.4%CVE-2025-14844HIGHMembership Plugin – Restrict Content <= 3.2.16 - Missing Authentication to Insecure Direct Object Reference and Sensitive Information ExposureEPSS 0.4%CVE-2025-1402MEDIUMEvent Tickets and Registration <= 5.19.1.1 - Missing Authorization to Ticket DeletionEPSS 0.4%

← anteriorpágina 2 / 6próxima →