Vulnerabilidades em tigroumeow
16 resultadosCVE-2025-11749CRITICALAI Engine <= 3.1.3 - Unauthenticated Sensitive Information Exposure to Privilege EscalationEPSS 75.3%CVE-2024-0699MEDIUMAI Engine <= 2.1.4 - Authenticated(Editor+) Arbitrary File Upload via add_image_from_urlEPSS 1.2%CVE-2025-7847HIGHAI Engine 2.9.3 - 2.9.4 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.0%CVE-2026-1400HIGHAI Engine <= 3.3.2 - Authenticated (Editor+) Arbitrary File Upload via 'filename' Parameter in update_media_metadata EndpointEPSS 0.7%CVE-2024-0378MEDIUMAI Engine <= 2.2.0 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.6%CVE-2025-5071HIGHAI Engine 2.8.0 - 2.8.3 - Authenticated (Subscriber+) Insufficient Authorization to Privilege Escalation via MCPEPSS 0.6%CVE-2025-7780MEDIUMAI Engine <= 2.9.4 - Missing URL Scheme Validation to Authenticated (Subscriber+) Arbitrary File Read via simpleTranscribeAudio and get_audio FunctionsEPSS 0.5%CVE-2024-4386MEDIUMGallery Block (Meow Gallery) <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2025-8084MEDIUMAI Engine <= 3.1.8 - Authenticated (Editor+) Server-Side Request ForgeryEPSS 0.4%CVE-2026-8719HIGHAI Engine 3.4.9 - Authenticated (Subscriber+) Privilege Escalation via Missing Authorization in MCP OAuth Bearer TokenEPSS 0.4%CVE-2025-12844HIGHAI Engine <= 3.1.8 - Authenticated (Subscriber+) PHP Object Injection via PHAR DeserializationEPSS 0.4%CVE-2025-6238HIGHAI Engine 2.8.4 - Insecure OAuth ImplementationEPSS 0.3%CVE-2025-8268MEDIUMAi Engine <= 2.9.5 - Missing Authorization to Unauthenticated Uploaded Files Disclosure And DeletionEPSS 0.3%CVE-2026-1291MEDIUMMeow Gallery <= 5.4.4 - Missing Authorization to Authenticated (Author+) Shortcode creationEPSS 0.2%CVE-2026-0746MEDIUMAI Engine <= 3.3.2 - Authenticated (Subscriber+) Server-Side Request ForgeryEPSS 0.2%CVE-2025-5570MEDIUMAI Engine <= 2.8.4 - Authenticated (Subscriber+) Stored Cross-Site Scripting via `mwai_chatbot` Shortcode `id` ParameterEPSS 0.2%