Vulnerabilities in quadlayers
15 resultsCVE-2023-47681MEDIUMWordPress WooCommerce Checkout Manager plugin <= 7.3.0 - Broken Access Control vulnerabilityEPSS 9.2%CVE-2022-23982MEDIUMWordPress Perfect Brands for WooCommerce plugin <= 2.0.4 - Server Information Exposure vulnerabilityEPSS 1.2%CVE-2021-4443CRITICALWordPress Mega Menu <= 2.0.6 - Arbitrary File CreationEPSS 0.7%CVE-2022-23981MEDIUMWordPress Perfect Brands for WooCommerce plugin <= 2.0.4 - Set Featured Brand vulnerabilityEPSS 0.6%CVE-2024-39640MEDIUMWordPress Social Feed Gallery plugin <= 4.3.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-13930MEDIUMCheckout Field Manager (Checkout Manager) for WooCommerce <= 7.8.5 - Missing Authorization to Unauthenticated Arbitrary Attachment DeletionEPSS 0.4%CVE-2025-12500MEDIUMCheckout Field Manager (Checkout Manager) for WooCommerce <= 7.8.1 - Unauthenticated Limited File UploadEPSS 0.3%CVE-2025-2821MEDIUMSearch Exclude <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings ModificationEPSS 0.3%CVE-2025-10637MEDIUMSocial Feed Gallery <= 4.9.2 - Missing Authorization to Unauthenticated Information ExposureEPSS 0.3%CVE-2025-58686HIGHWordPress Perfect Brands for WooCommerce plugin <= 3.6.2 - SQL Injection vulnerabilityEPSS 0.2%CVE-2025-10144MEDIUMPerfect Brands for WooCommerce <= 3.6.2 - Authenticated (Contributor+) SQL InjectionEPSS 0.2%CVE-2025-62116MEDIUMWordPress AI Copilot plugin <= 1.5.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63016MEDIUMWordPress QuadLayers TikTok Feed plugin <= 4.6.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-2871MEDIUMWordPress Mega Menu – QuadMenu <= 3.2.0 - Cross-Site Request Forgery to Limited User Meta UpdateEPSS 0.2%CVE-2025-10646MEDIUMSearch Exclude <= 2.5.7 – Missing Authorization to Authenticated (Contributor+) Search Settings Modification via REST APIEPSS 0.2%