Vulnerabilities in WPChill
59 resultsCVE-2022-4972HIGHDownload Monitor <= 4.7.51 - Missing Authorization to Unauthenticated Data ExportEPSS 0.5%CVE-2022-41135MEDIUMWordPress Modula plugin <= 2.6.9 - Unauth. Plugin Settings Change vulnerabilityEPSS 0.5%CVE-2024-10092MEDIUMDownload Monitor <= 5.0.12 - Missing Authorization to API Key ManipulationEPSS 0.4%CVE-2022-40672MEDIUMWordPress CPO Shortcodes plugin <= 1.5.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2023-5704MEDIUMCPO Shortcodes <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.4%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2024-10399MEDIUMDownload Monitor <= 5.0.13 - Missing Authorization to Sensitive Information ExposureEPSS 0.4%CVE-2024-11282MEDIUMPassster – Password Protect Pages and Content <= 4.2.10 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.4%CVE-2023-26013MEDIUMWordPress Strong Testimonials Plugin <= 3.0.2 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-25451MEDIUMWordPress CPO Content Types Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2024-11106MEDIUMSimple Restrict <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.4%CVE-2025-10000MEDIUMQyrr – simply and modern QR-Code creation <= 2.0.7 - Authenticated (Contributor+) Arbitrary File UploadEPSS 0.4%CVE-2024-8552MEDIUMDownload Monitor <= 5.0.9 - Missing Authorization to Authenticated (Subscriber+) Shop EnableEPSS 0.4%CVE-2025-13891MEDIUMImage Gallery – Photo Grid & Video Gallery (Modula) <= 2.13.3 - Missing Authorization to Arbitrary Directory ListingEPSS 0.4%CVE-2024-32429MEDIUMWordPress Remove Footer Credit plugin <= 1.0.13 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-12711MEDIUMRSVP and Event Management <= 2.7.13 - Missing AuthorizationEPSS 0.3%CVE-2024-1218MEDIUMContact Form builder with drag & drop for WordPress – Kali Forms <= 2.3.41 - Missing AuthorizationEPSS 0.3%CVE-2022-36292MEDIUMWordPress Gallery PhotoBlocks plugin <= 1.2.6 - Cross-Site Request Forgery (CSRF) vulnerabilitiesEPSS 0.3%CVE-2024-1217HIGHContact Form builder with drag & drop for WordPress – Kali Forms <= 2.3.41 - Missing Authorization to Arbitrary Plugin DeactivationEPSS 0.3%CVE-2024-3269MEDIUMDownload Monitor <= 4.9.13 - Missing AuthorizationEPSS 0.3%