Vulnerabilidades en themeatelier
12 resultadosCVE-2025-30635HIGHWordPress IDonatePro <= 2.1.9 - Local File Inclusion VulnerabilityEPSS 0.4%CVE-2025-52752MEDIUMWordPress IDonatePro plugin <= 2.1.9 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-4519HIGHIDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_password FunctionEPSS 0.3%CVE-2025-4523MEDIUMIDonate 2.0.0 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via admin_donor_profile_view FunctionEPSS 0.3%CVE-2025-60045HIGHWordPress IDonatePro plugin <= 2.1.11 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30639HIGHWordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-4521HIGHIDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile FunctionEPSS 0.3%CVE-2025-58938HIGHWordPress IDonatePro plugin <= 2.1.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-5239MEDIUMDomain For Sale <= 3.0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name ParameterEPSS 0.2%CVE-2025-4522MEDIUMIDonate 2.0.0 - 2.1.9 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion via admin_post_donor_delete FunctionEPSS 0.2%CVE-2025-66099MEDIUMWordPress Chat Help plugin <= 3.1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66113MEDIUMWordPress Better Chat Support for Messenger plugin <= 1.2.18 - Broken Access Control vulnerabilityEPSS 0.2%