Vulnerabilidades en weDevs

82 resultados
CVE-2024-3922CRITICALDokan Pro <= 3.10.3 - Unauthenticated SQL InjectionEPSS 56.2%CVE-2026-5127HIGHUser Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.3.1 - Authenticated (Subscriber+) PHP Object InjectionEPSS 1.0%CVE-2024-0952HIGHWP ERP <= 1.12.9 - Authenticated (Accounting Manager+) SQL Injection via idEPSS 0.9%CVE-2024-1173HIGHWP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Authenticated (AccountingManager+) SQL InjectionEPSS 0.8%CVE-2025-3054HIGHWP User Frontend Pro <= 4.1.3 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.8%CVE-2023-3636HIGHWP Project Manager <= 2.6.4 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege EscalationEPSS 0.7%CVE-2025-3055HIGHWP User Frontend Pro <= 4.1.3 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.7%CVE-2024-10174HIGHWP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts <= 2.6.13 - Insecure Direct Object Reference to Unauthenticated Authorization BypassEPSS 0.6%CVE-2021-24292Happy Addons for Elementor Free < 2.24.0 and Pro < 1.17.0 - Contributor+ Stored XSSEPSS 0.6%CVE-2023-47682HIGHWordPress WP User Frontend plugin <= 3.6.5 - Authenticated Privilege Escalation vulnerabilityEPSS 0.6%CVE-2024-0913HIGHWP ERP <= 1.13.0 - Authenticated (Accounting Manager+) SQL InjectionEPSS 0.6%CVE-2021-36826MEDIUMWordPress WP Project Manager plugin <= 2.4.13 - Stored Cross-Site Scripting (XSS) vulnerabilityEPSS 0.6%CVE-2024-21747HIGHWordPress WP ERP Plugin <= 1.12.8 is vulnerable to SQL InjectionEPSS 0.6%CVE-2023-26525HIGHWordPress Dokan Plugin <= 3.7.12 is vulnerable to SQL InjectionEPSS 0.6%CVE-2023-34383HIGHWordPress WP Project Manager Plugin <= 2.6.0 is vulnerable to SQL InjectionEPSS 0.6%CVE-2024-0608MEDIUMWP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Authenticated (Subscriber+) SQL InjectionEPSS 0.5%CVE-2024-0956MEDIUMWP ERP <= 1.13.0 - Authenticated (AccountingManager+) SQL InjectionEPSS 0.5%CVE-2026-1565HIGHUser Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Authenticated (Author+) Arbitrary File UploadEPSS 0.5%CVE-2023-6632MEDIUMHappy Addons for Elementor <= 3.9.1.1 - Reflected Cross-Site ScriptingEPSS 0.5%CVE-2024-0609HIGHWP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.5%