Vulnerabilities in iqonicdesign
25 resultsCVE-2024-11728HIGHKiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Unauthenticated SQL InjectionEPSS 13.3%CVE-2025-6058CRITICALWPBookit <= 1.0.4 - Unauthenticated Arbitrary File UploadEPSS 5.6%CVE-2025-7852CRITICALWPBookit <= 1.0.6 - Unauthenticated Arbitrary File Upload via image_upload_handle FunctionEPSS 1.2%CVE-2025-2525HIGHStreamit <= 4.0.1 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.8%CVE-2025-6057HIGHWPBookit <= 1.0.4 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.6%CVE-2025-3811CRITICALWPBookit <= 1.0.2 - Insecure Direct Object Reference to Unauthenticated Privilege Escalation via Email UpdateEPSS 0.6%CVE-2025-3810CRITICALWPBookit <= 1.0.2 - Insecure Direct Object Reference to Unauthenticated Privilege Escalation via Account TakeoverEPSS 0.6%CVE-2024-4574MEDIUMGraphina – Elementor Charts and Graphs <= 1.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple WidgetsEPSS 0.6%CVE-2024-11729MEDIUMKiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL InjectionEPSS 0.6%CVE-2025-1572MEDIUMKiviCare – Clinic & Patient Management System (EHR) <= 3.6.7 - Authenticated (Doctor+) SQL Injection via 'u_id' ParameterEPSS 0.5%CVE-2025-2526HIGHStreamit <= 4.0.2 - Authenticated (Subscriber+) Privilege Escalation via User Email Change/Account TakeoverEPSS 0.5%CVE-2026-2991HIGHKiviCare – Clinic & Patient Management System (EHR) <= 4.1.2 - Unauthenticated Authentication Bypass via Social Login TokenEPSS 0.4%CVE-2025-2519MEDIUMStreamit <= 4.0.1 - Authenticated (Subscriber+) Arbitrary File DownloadEPSS 0.4%CVE-2024-11730MEDIUMKiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Doctor/Receptionist+) SQL InjectionEPSS 0.4%CVE-2026-1980MEDIUMWPBookit <= 1.0.8 - Missing Authorization to Unauthenticated Sensitive Customer Data ExposureEPSS 0.4%CVE-2025-8867MEDIUMGraphina - Elementor Charts and Graphs <= 3.1.3 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-13529MEDIUMSocialV - Social Network and Community BuddyPress Theme <= 2.0.15 - Missing Authorization to Arbitrary File DownloadEPSS 0.4%CVE-2026-25413CRITICALWordPress WPBookit Pro plugin <= 1.6.18 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2026-1945HIGHWPBookit <= 1.0.8 - Unauthenticated Stored Cross-Site Scripting via 'wpb_user_name' and 'wpb_user_email' ParametersEPSS 0.3%CVE-2026-0927MEDIUMKiviCare – Clinic & Patient Management System (EHR) <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File UploadEPSS 0.3%