Vulnerabilidades en ivole
11 resultadosCVE-2023-6979HIGHCustomer Reviews for WooCommerce <= 5.38.9 - Authenticated (Author+) Arbitrary File UploadEPSS 1.1%CVE-2026-4664MEDIUMCustomer Reviews for WooCommerce <= 5.103.0 - Unauthenticated Authentication Bypass to Arbitrary Review Submission via 'key' ParameterEPSS 0.7%CVE-2024-3869MEDIUMCustomer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Coupon SearchEPSS 0.5%CVE-2024-3243MEDIUMCustomer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email SendingEPSS 0.4%CVE-2024-1044MEDIUMCustomer Reviews for WooCommerce <= 5.38.10 - Improper Authorization via submit_reviewEPSS 0.4%CVE-2024-3731MEDIUMCustomer Reviews for WooCommerce <= 5.47.0 - Reflected Cross-Site Scripting via 's'EPSS 0.4%CVE-2026-3355MEDIUMCustomer Reviews for WooCommerce <= 5.101.0 - Reflected Cross-Site Scripting via 'crsearch'EPSS 0.3%CVE-2024-10614MEDIUMCustomer Reviews for WooCommerce <= 5.61.0 - Missing Authorization to Authenticated (Subscriber+) Import CancellationEPSS 0.3%CVE-2025-5720MEDIUMCustomer Reviews for WooCommerce <= 5.80.2 - Unauthenticated Stored Cross-Site Scripting via `author` ParameterEPSS 0.3%CVE-2026-1316HIGHCustomer Reviews for WooCommerce <= 5.97.0 - Unauthenticated Stored Cross-Site Scripting via media[].href ParameterEPSS 0.3%CVE-2025-14891MEDIUMCustomer Reviews for WooCommerce <= 5.93.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via displayName ParameterEPSS 0.2%