Vulnerabilidades en ays-pro
38 resultadosCVE-2024-6028CRITICALQuiz Maker <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' ParameterEPSS 11.8%CVE-2025-14156CRITICALFox LMS – WordPress LMS Plugin 1.0.4.7 - 1.0.5.1 - Unauthenticated Privilege Escalation via 'createOrder'EPSS 5.8%CVE-2024-10571CRITICALChartify – WordPress Chart Plugin <= 2.9.5 - Unauthenticated Local File Inclusion via sourceEPSS 4.8%CVE-2025-10042MEDIUMQuiz Maker <= 6.7.0.56 - Unauthenticated SQL InjectionEPSS 0.9%CVE-2023-0038HIGHSurvey Maker – Best WordPress Survey Plugin <= 3.1.3 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.8%CVE-2024-9874MEDIUMWordPress Poll Maker Plugin <= 5.4.6 - Authenticated (Administrator+) Time-Based SQL InjectionEPSS 0.7%CVE-2024-3897MEDIUMPopup Box – Best WordPress Popup Plugin <= 4.3.6 - Missing Authorization to Information ExposureEPSS 0.6%CVE-2024-3601MEDIUMPoll Maker – Best WordPress Poll Plugin <= 5.1.8 - Missing Authorization to Unauthenticated Email EnumerationEPSS 0.6%CVE-2024-1079MEDIUMQuiz Maker <= 6.5.2.4 - Missing Authorization to Unauthenticated Quiz Data RetrievalEPSS 0.5%CVE-2024-9475MEDIUMPoll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) SQL Injection via Order_by ParameterEPSS 0.5%CVE-2024-11458MEDIUMFAQ Builder AYS <= 1.7.1 - Reflected Cross-Site ScriptingEPSS 0.4%CVE-2024-3600HIGHPoll Maker – Best WordPress Poll Plugin <= 5.1.8 - Missing Authorization to Unauthenticated Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-10861MEDIUMPopup Box – Create Countdown, Coupon, Video, Contact Form Popups <= 4.9.7 - Missing Authorization to Unauthenticated Limited Options UpdateEPSS 0.4%CVE-2025-1404MEDIUMSecure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search FunctionEPSS 0.4%CVE-2024-1078MEDIUMQuiz Maker <= 6.5.2.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Quiz Creation & ModificationEPSS 0.4%CVE-2025-11171MEDIUMChartify – WordPress Chart Plugin <= 3.5.9 - Missing Authentication for Administrative FunctionEPSS 0.3%CVE-2024-9462MEDIUMPoll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via Poll SettingsEPSS 0.3%CVE-2026-1336MEDIUMAI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.5 - Missing Authorization to Unauthenticated API Key ModificationEPSS 0.3%CVE-2025-12426MEDIUMQuiz Maker <= 6.7.0.80 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2026-8995MEDIUMPoll Maker by AYS <= 6.3.7 - Authenticated (Subscriber+) Sensitive Information Exposure in 'ays_poll_get_user_information' AJAX ActionEPSS 0.3%