Vulnerabilidades en gVectors
13 resultadosCVE-2026-22182HIGHwpDiscuz before 7.6.47 - Unauthenticated Email Notification Flood via wpdCheckNotificationTypeEPSS 0.5%CVE-2023-33213MEDIUMWordPress wpView Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2026-22216MEDIUMwpDiscuz before 7.6.47 - No Rate Limiting on Subscription Endpoints with LIKE Wildcard BypassEPSS 0.3%CVE-2026-22193CRITICALwpDiscuz before 7.6.47 - SQL Injection in getAllSubscriptions()EPSS 0.3%CVE-2026-22203MEDIUMwpDiscuz before 7.6.47 - Options Export Leaks OAuth Secrets in PlaintextEPSS 0.3%CVE-2026-22209MEDIUMwpDiscuz before 7.6.47 - Cross-Site Scripting via Unescaped Custom CSS in Style TagEPSS 0.2%CVE-2026-22204MEDIUMwpDiscuz before 7.6.47 - Unsanitized Cookie Email Used as wp_mail() RecipientEPSS 0.2%CVE-2025-4224HIGHwpForo + wpForo Advanced Attachments <= 3.1.3 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-22183MEDIUMwpDiscuz before 7.6.47 - Stored Cross-Site Scripting in Inline Comment PreviewEPSS 0.2%CVE-2026-22202MEDIUMwpDiscuz before 7.6.47 - Destructive GET Action Deletes All Comments by EmailEPSS 0.2%CVE-2026-22210LOWwpDiscuz before 7.6.47 - Cross-Site Scripting via Unescaped Attachment URLsEPSS 0.2%CVE-2026-22215MEDIUMwpDiscuz before 7.6.47 - Missing CSRF Protection on wpdGetFollowsPageEPSS 0.2%CVE-2026-22201MEDIUMwpDiscuz before 7.6.47 - IP Address Spoofing in getIP()EPSS 0.2%