Vulnerabilidades en inc2734
9 resultadosCVE-2026-1056CRITICALSnow Monkey Forms <= 12.0.3 - Unauthenticated Arbitrary File Deletion via Path TraversalEPSS 12.7%CVE-2023-6316CRITICALMW WP Form <= 5.0.1 - Unauthenticated Arbitrary File UploadEPSS 1.4%CVE-2023-6559HIGHMW WP Form <= 5.0.3 - Improper Limitation of File Name to Unauthenticated Arbitrary File DeletionEPSS 1.3%CVE-2026-4347HIGHMW WP Form <= 5.1.0 - Unauthenticated Arbitrary File Move via move_temp_file_to_upload_dirEPSS 1.3%CVE-2026-5436HIGHMW WP Form <= 5.1.1 - Unauthenticated Arbitrary File Move via regenerate_upload_file_keysEPSS 1.1%CVE-2024-1995MEDIUMSmart Custom Fields <= 4.2.2 - Missing Authorization to Authenticated (Subscriber+) Post Content DisclosureEPSS 0.6%CVE-2026-4066MEDIUMSmart Custom Fields <= 5.0.6 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Relational Post SearchEPSS 0.3%CVE-2025-10137MEDIUMSnow Monkey <= 29.1.5 - Unauthenticated Blind Server-Side Request ForgeryEPSS 0.3%CVE-2026-3004MEDIUMSnow Monkey Blocks <= 24.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'data-slick' AttributeEPSS 0.2%