Vulnerabilidades en Cyberlord92
37 resultadosCVE-2023-2982CRITICALWordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.4 - Authentication BypassEPSS 44.6%CVE-2024-2172CRITICALMalware Scanner <= 4.7.2 and Web Application Firewall <= 2.1.1 - Unauthenticated Privilege EscalationEPSS 1.7%CVE-2025-8420HIGHMultiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code ExecutionEPSS 0.9%CVE-2023-3249CRITICALWeb3 – Crypto wallet Login & NFT token gating <= 2.6.0 - Authentication BypassEPSS 0.9%CVE-2026-2628CRITICALAll-in-One Microsoft 365 & Entra ID / Azure AD SSO Login <= 2.2.5 - Authentication BypassEPSS 0.9%CVE-2023-2484HIGHActive Directory Integration / LDAP Integration <= 4.1.4 - Authenticated (Administrator+) SQL InjectionEPSS 0.8%CVE-2024-10111HIGHOAuth Single Sign On – SSO (OAuth Client) <= 6.26.3 - Authentication BypassEPSS 0.7%CVE-2023-4505LOWStaff / Employee Business Directory for Active Directory <= 1.2.3 - Authenticated (Admin+) LDAP PassbackEPSS 0.7%CVE-2023-4506LOWActive Directory Integration / LDAP Integration <= 4.1.10 - LDAP PassbackEPSS 0.7%CVE-2022-4539MEDIUMWeb Application Firewall <= 2.1.2 - IP Address Spoofing to Protection Mechanism BypassEPSS 0.6%CVE-2024-0681MEDIUMPage Restriction WordPress (WP) – Protect WP Pages/Post <= 1.3.4 - Protection Mechanism BypassEPSS 0.6%CVE-2024-9861HIGHMiniorange OTP Verification with Firebase <= 3.6.0 - Authentication BypassEPSS 0.6%CVE-2024-11297MEDIUMPage Restriction WordPress (WP) – Protect WP Pages/Post <= 1.3.6 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.6%CVE-2024-9862CRITICALMiniorange OTP Verification with Firebase <= 3.6.0 - Unauthenticated Arbitrary User Password ChangeEPSS 0.6%CVE-2024-9863CRITICALMiniorange OTP Verification with Firebase <= 3.6.0 - Privilege Escalation via Registration due to Administrator Default User Role ValueEPSS 0.6%CVE-2025-9485CRITICALOAuth Single Sign On – SSO (OAuth Client) <= 6.26.12 - Authentication Bypass via get_resource_owner_from_id_token()EPSS 0.6%CVE-2022-4943HIGHminiOrange's Google Authenticator <= 5.6.5 - Missing Authorization to Plugin Settings ChangeEPSS 0.5%CVE-2024-9887HIGHLogin using WordPress Users ( WP as SAML IDP ) <= 1.15.6 - Authenticated (Administrator+) SQL InjectionEPSS 0.5%CVE-2024-11901MEDIUMPowerBI Embed Reports <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.5%CVE-2025-10750MEDIUMPowerBI Embed Reports <= 1.2.0 - Unauthenticated Sensitive Information DisclosureEPSS 0.4%