Vulnerabilidades en elextensions

26 resultados

CVE-2025-22352HIGHWordPress ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes Plugin <= 1.4.9 - SQL Injection vulnerabilityEPSS 0.7%CVE-2025-10046MEDIUMELEX WooCommerce Google Shopping (Google Product Feed) <= 1.4.3 - Authenticated (Admin+) SQL InejctionEPSS 0.7%CVE-2025-11456CRITICALELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.1 - Unauthenticated Arbitrary File UploadEPSS 0.6%CVE-2024-12171HIGHELEX WordPress HelpDesk & Customer Ticketing System <= 3.2.6 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.5%CVE-2025-47643HIGHWordPress ELEX Product Feed for WooCommerce <= 3.1.2 - SQL Injection VulnerabilityEPSS 0.4%CVE-2025-47658CRITICALWordPress ELEX HelpDesk & Customer Ticketing System plugin <= 3.2.9 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2024-12266MEDIUMELEX WooCommerce Dynamic Pricing and Discounts <= 2.1.7 - Missing AuthorizationEPSS 0.3%CVE-2024-31255HIGHWordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2026-48964HIGHWordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.6 - SQL Injection vulnerabilityEPSS 0.3%CVE-2025-47645HIGHWordPress ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin <= 1.4.9 - Subscriber+ SQL Injection vulnerabilityEPSS 0.3%CVE-2025-3280MEDIUMELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes <= 1.4.9 - Authenticated (Subscriber+) SQL InjectionEPSS 0.3%CVE-2025-53213CRITICALWordPress ReachShip WooCommerce Multi-Carrier & Conditional Shipping <= 4.3.1 - Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2025-31406MEDIUMWordPress ELEX WooCommerce Request a Quote plugin <= 2.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14079MEDIUMELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.5 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2025-10039MEDIUMELEX WordPress HelpDesk & Customer Ticketing System <= 3.2.9 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'eh_crm_ticket_single_view_client'EPSS 0.3%CVE-2025-10054MEDIUMELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Role RemovalEPSS 0.2%CVE-2025-68837MEDIUMWordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13534MEDIUMELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.2 - Authenticated (Contributor+) Privilege Escalation via eh_crm_edit_agent AJAX ActionEPSS 0.2%CVE-2024-32105MEDIUMWordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31364MEDIUMWordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%

← anteriorpágina 1 / 2siguiente →