Vulnerabilidades en Wpopal
16 resultadosCVE-2025-6934CRITICALOpal Estate Pro <= 1.7.5 - Unauthenticated Privilege Escalation via 'on_regiser_user'EPSS 22.3%CVE-2022-40700HIGHServer Side Request Forgery (SSRF) vulnerability affecting multiple WordPress pluginsEPSS 1.0%CVE-2021-4388MEDIUMOpal Estate <= 1.6.11 - Missing AuthorizationEPSS 0.7%CVE-2024-52444HIGHWordPress Opal Woo Custom Product Variation plugin <= 1.1.3 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-7648MEDIUMOpal Membership <= 1.2.4 - Authenticated (Subscriber+) Information DisclosureEPSS 0.6%CVE-2023-6638MEDIUMGTG Product Feed for Shopping <= 1.2.4 - Missing Authorization to Unauthenticated Plugin Settings UpdateEPSS 0.5%CVE-2022-29449MEDIUMWordPress Opal Hotel Room Booking plugin <= 1.2.7 - Stored Cross-Site Scripting (XSS) vulnerabilityEPSS 0.5%CVE-2021-4387MEDIUMOpal Estate <= 1.6.11 - Cross-Site Request Forgery BypassEPSS 0.5%CVE-2024-7649MEDIUMOpal Membership <= 1.2.4 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.5%CVE-2025-47535HIGHWordPress Opal Woo Custom Product Variation plugin <= 1.2.0 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2025-23967CRITICALWordPress GG Bought Together for WooCommerce plugin <= 1.0.2 - SQL Injection VulnerabilityEPSS 0.3%CVE-2024-33649MEDIUMWordPress Opal Widgets For Elementor plugin <= 1.6.9 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2025-31748MEDIUMWordPress Opal Portfolio Plugin <= 1.0.4 - Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-9073MEDIUMGutenGeek Free Gutenberg Blocks for WordPress <= 1.1.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File UploadEPSS 0.3%CVE-2024-3666MEDIUMOpal Estate Pro – Property Management and Submission <= 1.7.6 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-62913MEDIUMWordPress Opal Service plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%