Vulnerabilities in vanquish

21 results
CVE-2024-11150CRITICALWordPress User Extra Fields <= 16.6 - Unauthenticated Arbitrary File DeletionEPSS 1.3%CVE-2024-10625CRITICALWooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File DeletionEPSS 1.0%CVE-2024-10626HIGHWooCommerce Support Ticket System <= 17.7 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.9%CVE-2024-10801CRITICALWordPress User Extra Fields <= 16.5 - Unauthenticated Arbitrary File UploadEPSS 0.8%CVE-2024-10627CRITICALWooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File UploadEPSS 0.8%CVE-2024-10800HIGHWordPress User Extra Fields <= 16.6 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.8%CVE-2025-7846HIGHWordPress User Extra Fields <= 16.7 - Authenticated (Subscriber+) Arbitrary File Deletion via save_fields FunctionEPSS 0.6%CVE-2025-69376HIGHWordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2025-69377HIGHWordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2024-13343HIGHWooCommerce Customers Manager <= 31.3 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.4%CVE-2025-69379HIGHWordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-32522HIGHWordPress WooCommerce Support Ticket System plugin < 18.5 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-69380HIGHWordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2025-22713HIGHWordPress WooCommerce Orders & Customers Exporter plugin <= 5.4 - SQL Injection vulnerabilityEPSS 0.3%CVE-2025-48331HIGHWordPress WooCommerce Orders & Customers Exporter <= 5.0 - Sensitive Data Exposure VulnerabilityEPSS 0.3%CVE-2025-53424MEDIUMWordPress WooCommerce Orders & Customers Exporter plugin <= 5.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-27374HIGHWordPress WooCommerce Order Details plugin <= 3.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-69381HIGHWordPress WooCommerce Bulk Product Editor plugin <= 3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-13775MEDIUMWooCommerce Support Ticket System <= 17.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Information ExposureEPSS 0.2%CVE-2025-67579MEDIUMWordPress User Extra Fields plugin <= 16.8 - Broken Access Control vulnerabilityEPSS 0.2%