Vulnerabilidades en wpeverest

50 resultados

CVE-2026-3300CRITICALEverest Forms Pro <= 1.9.12 - Unauthenticated Remote Code Execution via Calculation FieldEPSS 41.0%CVE-2025-1128CRITICALEverest Forms <= 3.0.9.4 - Unauthenticated Arbitrary File Upload, Read, and DeletionEPSS 26.0%CVE-2026-1492CRITICALUser Registration & Membership <= 5.1.2 - Unauthenticated Privilege Escalation via Membership RegistrationEPSS 25.5%CVE-2023-3342CRITICALUser Registration <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.5%CVE-2025-3439CRITICALEverest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress <= 3.1.1 - Unauthenticated PHP Object InjectionEPSS 1.1%CVE-2026-5478HIGHEverest Forms <= 3.4.4 - Unauthenticated Arbitrary File Read and Deletion via Upload Field 'old_files' ParameterEPSS 1.0%CVE-2023-3343HIGHUser Registration <= 3.0.1 - Authenticated (Subscriber+) PHP Object InjectionEPSS 0.9%CVE-2024-2417HIGHUser Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.5 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.9%CVE-2024-3295MEDIUMUser Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.5 - Missing Authorization to Unauthenticated Media DeletionEPSS 0.9%CVE-2026-3296CRITICALEverest Forms <= 3.4.3 - Unauthenticated PHP Object Injection via Form Entry MetadataEPSS 0.9%CVE-2026-6203MEDIUMUser Registration & Membership <= 5.1.4 - Unauthenticated Open Redirect via 'redirect_to_on_logout' ParameterEPSS 0.7%CVE-2026-4882CRITICALUser Registration Advanced Fields <= 1.6.20 - Unauthenticated Arbitrary File UploadEPSS 0.7%CVE-2023-27459HIGHWordPress User Registration plugin <= 2.3.2.1 - Authenticated PHP Object Injection vulnerabilityEPSS 0.6%CVE-2025-5927HIGHEverest Forms (Pro) <= 1.9.4 - Unauthenticated Path Traversal to Arbitrary File DeletionEPSS 0.6%CVE-2024-1720MEDIUMUser Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.4 - Unauthenticated Stored Self-Based Cross-Site ScriptingEPSS 0.5%CVE-2024-1812HIGHEverest Forms <= 2.0.7 - Unauthenticated Server-Side Request Forgery via font_urlEPSS 0.5%CVE-2025-60210CRITICALWordPress Everest Forms - Frontend Listing plugin <= 1.0.5 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2026-6145MEDIUMUser Registration & Membership <= 5.1.5 - Unauthenticated Missing Authorization to Admin Approval Bypass via 'action' ParameterEPSS 0.4%CVE-2023-29429MEDIUMWordPress User Registration plugin <= 2.3.2.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-23987MEDIUMWordPress User Registration Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%

← anteriorpágina 1 / 3siguiente →