Vulnerabilidades em webfactory
24 resultadosCVE-2024-0867HIGHEmail Log <= 2.4.8 - Unauthenticated Hook InjectionEPSS 0.8%CVE-2023-6799MEDIUMWP Reset <= 2.0 - Sensitive Information Exposure due to Insufficient RandomnessEPSS 0.7%CVE-2024-1075LOWMinimal Coming Soon – Coming Soon Page <= 2.37 - Unauthenticated Maintenance Mode BypassEPSS 0.7%CVE-2026-5411HIGHWP Captcha PRO <= 5.38 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.4%CVE-2023-5062MEDIUMWordPress Charts <= 0.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.4%CVE-2024-5087MEDIUMMinimal Coming Soon – Coming Soon Page <= 2.38 - Missing Authorization to Limited Settings ChangeEPSS 0.4%CVE-2024-13623MEDIUMOrder Export for WooCommerce <= 3.24 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2025-23968CRITICALWordPress AiBud WP plugin <= 1.9 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2025-11707MEDIUMLogin Lockdown & Protection <= 2.14 - IP Block BypassEPSS 0.4%CVE-2024-1340MEDIUMLogin Lockdown – Protect Login Form <= 2.08 - Missing AuthorizationEPSS 0.4%CVE-2026-5415HIGHWP Captcha PRO <= 5.38 - Authenticated (Subscriber+) Authentication Bypass via Temporary Login LinkEPSS 0.4%CVE-2023-1913MEDIUMMaps Widget for Google Maps <= 4.24 - Authenticated (Administrator+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-43259MEDIUMWordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2025-2074MEDIUMAdvanced Google reCAPTCHA <= 1.29 - Authenticated (Subscriber+) Limited SQL Injection via 'sSearch' ParameterEPSS 0.4%CVE-2024-5770MEDIUMWP Force SSL & HTTPS SSL Redirect <= 1.66 - Missing Authorization to Settings UpdateEPSS 0.3%CVE-2024-12034MEDIUMAdvanced Google reCAPTCHA <= 1.25 - Brute Force Protection IP UnblockEPSS 0.3%CVE-2025-1262MEDIUMAdvanced Google reCaptcha <= 1.27 - Built-in Math CAPTCHA BypassEPSS 0.3%CVE-2025-10645MEDIUMWP Reset <= 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.logEPSS 0.3%CVE-2025-3766MEDIUMLogin Lockdown & Protection <= 2.11 - Missing Authorization to Authenticated (Subscriber+) Arbitrary IP WhitelistingEPSS 0.3%CVE-2024-4661MEDIUMWP Reset <= 2.02 - Missing Authorization to License Key ModificationEPSS 0.3%