Vulnerabilities in realmag777
117 resultsCVE-2024-13340MEDIUMMDTF – Meta Data and Taxonomies Filter <= 1.3.3.6 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-10168MEDIUMActive Products Tables for WooCommerce. Use constructor to create tables <= 1.0.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via woot_button ShortcodeEPSS 0.3%CVE-2026-39501MEDIUMWordPress FOX plugin <= 1.4.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-4942MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product ManipulationEPSS 0.3%CVE-2023-4926MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product DeletionEPSS 0.3%CVE-2024-35730HIGHWordPress Active Products Tables for WooCommerce plugin <= 1.0.6.3 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2023-4923MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product DeletionEPSS 0.3%CVE-2023-4940MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product ManipulationEPSS 0.3%CVE-2024-34434MEDIUMWordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.2 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.3%CVE-2026-42727CRITICALWordPress Active Products Tables for WooCommerce plugin <= 1.0.8 - SQL Injection vulnerabilityEPSS 0.3%CVE-2023-44990MEDIUMWordPress WOLF Plugin <= 1.0.7.1 is vulnerable to Cross Site Scripting (XSS)EPSS 0.3%CVE-2025-54707CRITICALWordPress MDTF Plugin <= 1.3.3.7 - SQL Injection VulnerabilityEPSS 0.3%CVE-2023-4937MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product ManipulationEPSS 0.3%CVE-2023-4935MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile CreationEPSS 0.3%CVE-2026-39497HIGHWordPress FOX plugin <= 1.4.5 - SQL Injection vulnerabilityEPSS 0.3%CVE-2025-49907MEDIUMWordPress MDTF plugin <= 1.3.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-34558MEDIUMWordPress WOLF plugin <= 1.0.8.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-7491MEDIUMHUSKY – Products Filter Professional for WooCommerce <= 1.3.6.1 - Insecure Direct Object Reference to UnsubscribeEPSS 0.3%CVE-2023-51506MEDIUMWordPress WPCS Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.3%CVE-2023-4924MEDIUMBEAR <= 1.1.3.3 - Missing Authorization to Product DeletionEPSS 0.3%