Vulnerabilities in saadiqbal

44 results

CVE-2024-0437MEDIUMPassword Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease <= 2.6.6 - Missing Authorization to Sensitive Information ExposureEPSS 0.4%CVE-2024-8725MEDIUMAdvanced File Manager <= 5.2.8 - Authenticated (Subscriber+) Limited File UploadEPSS 0.4%CVE-2021-4411MEDIUMWP EasyPay – Square for WordPress <= 3.2.0 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2024-0656MEDIUMPassword Protected <= 2.6.6 - Authenticated (Admin+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-0832HIGHNew User Approve <= 3.2.2 - Missing Authorization to Unauthenticated Arbitrary User Approval, Denial, and Information DisclosureEPSS 0.3%CVE-2024-8658MEDIUMmyCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification <= 2.7.3 - Missing Authorization to Unauthenticated Database UpgradeEPSS 0.3%CVE-2024-10187MEDIUMmyCred <= 2.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via mycred_link ShortcodeEPSS 0.3%CVE-2025-3453MEDIUMPassword Protected – Password Protect your WordPress Site, Pages, & WooCommerce Products <= 2.7.7 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2025-0521HIGHPost SMTP <= 3.0.2 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-11244LOWPassword Protected <= 2.7.11 - Unauthenticated Authorization Bypass via IP Address SpoofingEPSS 0.3%CVE-2024-13362MEDIUMFreemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url ParameterEPSS 0.3%CVE-2026-8607MEDIUMmyCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wrap' Shortcode AttributeEPSS 0.3%CVE-2025-12770MEDIUMNew User Approve <= 3.0.9 - Unauthenticated Sensitive Information Disclosure via Type JugglingEPSS 0.3%CVE-2025-12887MEDIUMPost SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.1 - Missing Authorization to Authenticated (Subscriber+) OAuth Token UpdateEPSS 0.3%CVE-2024-13805MEDIUMAdvanced File Manager <= 5.2.14 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File UploadEPSS 0.2%CVE-2026-7430MEDIUMPost Snippets <= 4.0.19 - Authenticated (Administrator+) Stored Cross-Site Scripting via ImportEPSS 0.2%CVE-2026-1674MEDIUMGutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder <= 1.6.0 - Authenticated (Contributor+) Limited Options Update in save_gutena_forms_schema()EPSS 0.2%CVE-2026-3090HIGHPost SMTP <= 3.8.0 - Unauthenticated Stored Cross-Site Scripting via 'event_type'EPSS 0.2%CVE-2025-12362MEDIUMmyCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7 - Missing Authorization to Unauthenticated Withdrawal Request ApprovalEPSS 0.2%CVE-2025-9219MEDIUMPost SMTP <= 3.4.1 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Option UpdateEPSS 0.2%

← previouspage 2 / 3next →