Vulnerabilidades en soflyy
14 resultadosCVE-2018-0546—Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.6 for WordPress allows an attacker to inject arbitrary web sEPSS 1.5%CVE-2018-0547—Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.7 for WordPress allows an attacker to inject arbitrary web sEPSS 1.5%CVE-2022-36386CRITICALWordPress Import any XML or CSV File to WordPress plugin <= 3.6.7 - Authenticated Arbitrary Code Execution vulnerabilityEPSS 1.1%CVE-2024-31390CRITICALWordPress Breakdance plugin <= 1.7.2 - Authenticated Remote Code Execution (RCE) vulnerabilityEPSS 0.9%CVE-2024-31380CRITICALWordPress Oxygen plugin <= 4.9 - Authenticated Remote Code Execution (RCE) vulnerabilityEPSS 0.8%CVE-2024-9664HIGHWP All Import Pro <= 4.9.7 - Authenticated (Administrator+) PHP Object Injection via Import FileEPSS 0.7%CVE-2024-9624HIGHWP All Import Pro <= 4.9.3 - Authenticated (Administrator+) Server-Side Request Forgery via File ImportEPSS 0.4%CVE-2024-8722MEDIUMWP All Import Pro <= 4.9.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via SVG File UploadEPSS 0.3%CVE-2026-1582LOWWP All Export <= 1.4.14 - Unauthenticated Sensitive Information Exposure via PHP Type JugglingEPSS 0.3%CVE-2025-53237HIGHWordPress WP Wizard Cloak Plugin <= 1.0.1 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%CVE-2025-49038HIGHWordPress WP Dynamic Links plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2022-46841MEDIUMWordPress Oxygen Builder Plugin < 4.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-31939MEDIUMWordPress Import any XML or CSV File to WordPress plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-9661MEDIUMWP All Import Pro <= 4.9.7 - Cross-Site Request Forgery to Imported Content DeletionEPSS 0.2%