Vulnerabilities in ghera74
4 resultsCVE-2026-2421MEDIUMilGhera Carta Docente for WooCommerce <= 1.5.0 - Authenticated (Administrator+) Path Traversal to Arbitrary File Deletion via 'cert' ParameterEPSS 0.5%CVE-2025-14033MEDIUMilGhera Support System for WooCommerce <= 1.3.0 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2025-14034MEDIUMilGhera Support System for WooCommerce <= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket DeletionEPSS 0.2%CVE-2024-13521MEDIUMMailUp Auto Subscription <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%