Vulnerabilidades en mra13
18 resultadosCVE-2025-24663HIGHWordPress Simple Download Monitor plugin <= 3.9.25 - SQL Injection vulnerabilityEPSS 0.6%CVE-2023-48286HIGHWordPress Accept Stripe Payments plugin <= 2.0.79 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-3530HIGHWordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Product Price ManipulationEPSS 0.4%CVE-2023-1469MEDIUMThe WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions uEPSS 0.4%CVE-2024-12622MEDIUMWordPress Simple Shopping Cart <= 5.0.7 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-3529HIGHWordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Information Exposure via file_url ParameterEPSS 0.3%CVE-2024-10176MEDIUMCompact WP Audio Player <= 1.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_embed_player ShortcodeEPSS 0.3%CVE-2025-3874MEDIUMWordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object ReferenceEPSS 0.3%CVE-2024-7353MEDIUMAccept Stripe Payments <= 2.0.86 - Authenticated (Contributor+) Stored Cross-Site Scripting via accept_stripe_payment_ng ShortcodeEPSS 0.3%CVE-2023-6497MEDIUMWordPress Simple Shopping Cart <= 4.7.1 - Authenticated(Administrator+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-3889MEDIUMWordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference via 'quantity'EPSS 0.3%CVE-2024-56279MEDIUMWordPress Compact WP Audio Player plugin <= 1.9.14 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2025-8977MEDIUMSimple Download Monitor <= 3.9.33 - Simple Download Monitor <= 3.9.33 – Authenticated (Contributor+) SQL Injection via order parameter in Log Export functionalityEPSS 0.3%CVE-2025-3890MEDIUMWordPress Simple PayPal Shopping Cart <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.2%CVE-2026-2383MEDIUMSimple Download Monitor <= 4.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom FieldEPSS 0.2%CVE-2026-0552MEDIUMSimple Shopping Cart <= 5.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpsc_display_product' ShortcodeEPSS 0.2%CVE-2021-47983MEDIUMWordPress Plugin Stripe Payments 2.0.39 Stored XSS via currency_codeEPSS 0.2%CVE-2025-58197MEDIUMWordPress Simple Download Monitor Plugin <= 3.9.34 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%