Vulnerabilidades en WPChill

59 resultados
CVE-2026-1860MEDIUMKali Forms <= 2.4.8 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Form Data ExposureEPSS 0.3%CVE-2023-6491MEDIUMStrong Testimonials <= 3.1.12 - Authenticated(Contributor+) Improper Authorization to Views ModificationEPSS 0.3%CVE-2026-3124HIGHDownload Monitor <= 5.1.7 - Insecure Direct Object Reference to Unauthenticated Arbitrary Order Completion via 'token' and 'order_id'EPSS 0.3%CVE-2024-6261MEDIUMImage Photo Gallery Final Tiles Grid <= 3.6.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-14455MEDIUMImage Photo Gallery Final Tiles Grid <= 3.6.7 - Missing Authorization to Authenticated (Contributor+) Gallery ManagementEPSS 0.3%CVE-2025-14865MEDIUMPassster – Password Protect Pages and Content <= 4.2.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.2%CVE-2025-11268MEDIUMStrong Testimonials <= 3.2.16 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.2%CVE-2025-14003MEDIUMImage Gallery – Photo Grid & Video Gallery <= 2.13.3 - Missing Authorization to Authenticated (Author+) Arbitrary Gallery ModificationEPSS 0.2%CVE-2023-52123MEDIUMWordPress Strong Testimonials Plugin <= 3.1.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-7367MEDIUMStrong Testimonials <= 3.2.11 - Authenticated (Author+) Stored Cross-Site Scripting via Custom FieldsEPSS 0.2%CVE-2025-12494MEDIUMImage Gallery – Photo Grid & Video Gallery <= 2.12.28 - Improper Authorization to Authenticated (Author+) Arbitrary Image File MoveEPSS 0.2%CVE-2025-14632MEDIUMFilr – Secure document library <= 1.2.11 - Authenticated (Administrator+) Stored Cross-Site Scripting via HTML UploadEPSS 0.2%CVE-2025-14426MEDIUMStrong Testimonials <= 3.2.18 - Missing Authorization to Authenticated (Contributor+) Rating Meta UpdateEPSS 0.2%CVE-2026-3239MEDIUMStrong Testimonials <= 3.2.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via testimonial_view ShortcodeEPSS 0.2%CVE-2025-13693MEDIUMImage Photo Gallery Final Tiles Grid <= 3.6.8 - Authenticated (Author+) Stored Cross-Site Scripting via 'Custom Scripts' SettingEPSS 0.2%CVE-2024-9416MEDIUMModula Image Gallery <= 2.10.1 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox 5 JavaScript LibraryEPSS 0.2%CVE-2025-15466MEDIUMImage Photo Gallery Final Tiles Grid <= 3.6.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Gallery ManagementEPSS 0.2%CVE-2026-1254MEDIUMModula Image Gallery – Photo Grid & Video Gallery <= 2.13.6 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post/Page EditingEPSS 0.2%CVE-2026-4401MEDIUMDownload Monitor <= 5.1.10 - Cross-Site Request Forgery to Download Path Deletion and DisablingEPSS 0.2%