Vulnerabilidades en wpswings
17 resultadosCVE-2024-11423HIGHUltimate Gift Cards for WooCommerce <= 3.0.6 - Missing Authorization to Infinite Money GlitchEPSS 0.8%CVE-2025-47569CRITICALWordPress WooCommerce Ultimate Gift Card plugin <= 2.9.6 - SQL Injection vulnerabilityEPSS 0.6%CVE-2024-13641MEDIUMReturn Refund and Exchange For WooCommerce <= 4.4.5 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2021-4391MEDIUMUltimate Gift Cards for WooCommerce <= 2.1.1 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2024-11938MEDIUMOne Click Upsell Funnel for WooCommerce <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via wps_wocuf_pro_yes ShortcodeEPSS 0.3%CVE-2025-3743MEDIUMUpsell Funnel Builder for WooCommerce <= 3.0.0 - Unauthenticated Order ManipulationEPSS 0.3%CVE-2025-5103MEDIUMUltimate Gift Cards for WooCommerce <= 3.1.4 - Authenticated (Administrator+) SQL Injection via wps_wgm_save_post FunctionEPSS 0.3%CVE-2026-1926MEDIUMSubscriptions for WooCommerce <= 1.9.2 - Missing Authorization to Unauthenticated Arbitrary Subscription CancellationEPSS 0.3%CVE-2024-13692MEDIUMReturn Refund and Exchange For WooCommerce <= 4.4.5 - Authenticated (Subscriber+) Insecure Direct Object ReferenceEPSS 0.3%CVE-2024-1857MEDIUMUltimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates <= 2.6.6 - Missing Authorization to Unauthenticated Information ExposureEPSS 0.3%CVE-2024-53740HIGHWordPress WooCommerce Ultimate Gift Card plugin < 2.9.1 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-13724MEDIUMWallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction <= 2.6.2 - Missing AuthorizationEPSS 0.2%CVE-2025-14450MEDIUMWallet System for WooCommerce <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wallet Balance ManipulationEPSS 0.2%CVE-2025-64267MEDIUMWordPress WooCommerce Ultimate Points And Rewards plugin <= 2.10.2 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-12086MEDIUMReturn Refund and Exchange For WooCommerce <= 4.5.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Refund Request CancellationEPSS 0.2%CVE-2025-12881MEDIUMReturn Refund and Exchange For WooCommerce <= 4.5.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Order Message ReadEPSS 0.1%CVE-2024-13682MEDIUMWallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction <= 2.6.2 - Cross-Site Request ForgeryEPSS 0.1%