Vulnerabilidades en imithemes
14 resultadosCVE-2024-10799MEDIUMEventer <= 3.9.7 - Authenticated (Subscriber+) Arbitrary File ReadEPSS 0.7%CVE-2025-2253CRITICALIMITHEMES Listing <= 3.3 - Unauthenticated Privilege Escalation via Unverified Password ResetEPSS 0.7%CVE-2025-39481CRITICALWordPress Eventer plugin < 3.11.4 - SQL Injection vulnerabilityEPSS 0.4%CVE-2025-39482MEDIUMWordPress Eventer plugin < 3.11.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-11135HIGHEventer <= 3.9.8 - Unauthenticated SQL Injection via eventer_get_attendeesEPSS 0.4%CVE-2025-0959HIGHEventer - WordPress Event & Booking Manager Plugin <= 3.9.9.2 - Authenticated (Subscriber+) SQL Injection via reg_idEPSS 0.4%CVE-2025-6758CRITICALReal Spaces - WordPress Properties Directory Theme <= 3.6 - Unauthenticated Privilege Escalation to Administrator via 'imic_agent_register'EPSS 0.4%CVE-2024-11133MEDIUMEventer <= 3.9.9.5 - Missing Authorization to Unauthenticated Event Ticket DownloadEPSS 0.3%CVE-2025-8218HIGHReal Spaces - WordPress Properties Directory Theme <= 3.5 - Authenticated (Subscriber+) Privilege Escalation to Administrator via 'change_role_member'EPSS 0.3%CVE-2024-11134MEDIUMEventer <= 3.9.9 - Missing Authorization to Authenticated (Subscriber+) Bookings ExportEPSS 0.3%CVE-2025-39483MEDIUMWordPress Eventer plugin < 3.9.9.1 - Content Injection vulnerabilityEPSS 0.2%CVE-2024-11132MEDIUMEventer <= 3.9.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.2%CVE-2025-22635HIGHWordPress Eventer - WordPress Event & Booking Manager Plugin plugin < 3.9.9 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-32518HIGHWordPress Gaea theme < 3.8 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%