Vulnerabilidades en WofficeIO

11 resultados

CVE-2025-7694MEDIUMWoffice Core <= 5.4.26 - Authenticated (Contributor+) Arbitrary File DeletionEPSS 0.8%CVE-2025-2780HIGHWoffice Core <= 5.4.21 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.7%CVE-2024-43234CRITICALWordPress Woffice theme <= 5.4.14 - Unauthenticated Account Takeover vulnerabilityEPSS 0.6%CVE-2024-43153CRITICALWordPress Woffice theme <= 5.4.10 - Unauthenticated Privilege Escalation vulnerabilityEPSS 0.6%CVE-2024-37470HIGHWordPress Woffice Core plugin <= 5.4.8 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-37472HIGHWordPress Woffice theme <= 5.4.8 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-37471HIGHWordPress Woffice Core plugin <= 5.4.8 - Site Wide Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2025-67919MEDIUMWordPress Woffice Core plugin <= 5.4.30 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.3%CVE-2025-67566MEDIUMWordPress Woffice Core plugin <= 5.4.30 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67918HIGHWordPress Woffice theme <= 5.4.30 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-2797MEDIUMWoffice Core <= 5.4.21 - Cross-Site Request Forgery to User Registration ApprovalEPSS 0.1%