Vulnerabilidades en wpxpo
27 resultadosCVE-2024-10728HIGHPostX <= 4.1.16 - Missing Authorization to Arbitrary Plugin Installation/ActivationEPSS 36.5%CVE-2024-5326HIGHPost Grid Gutenberg Blocks and WordPress Blog Plugin – PostX <= 4.1.2 - Missing Authorization to Arbitrary Options UpdateEPSS 1.4%CVE-2024-23512HIGHWordPress ProductX – Gutenberg WooCommerce Blocks Plugin <= 3.1.4 is vulnerable to PHP Object InjectionEPSS 0.5%CVE-2026-2001HIGHWowRevenue <= 2.1.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/ActivationEPSS 0.4%CVE-2024-50513MEDIUMWordPress PostX plugin <= 4.1.15 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2023-36385HIGHWordPress PostX – Gutenberg Blocks for Post Grid Plugin <= 2.9.9 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-39571MEDIUMWordPress WowStore plugin <= 4.2.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-55707HIGHWordPress PostX Plugin <= 4.1.35 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2024-31246MEDIUMWordPress PostX plugin <= 3.2.3 - Author+ Post/Page Duplication vulnerabilityEPSS 0.3%CVE-2024-53818MEDIUMWordPress PostX plugin <= 4.1.15 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-5223MEDIUMPost Grid Gutenberg Blocks and WordPress Blog Plugin – PostX <= 4.1.1 - Authenticated (Author+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2023-45271MEDIUMWordPress ProductX – Gutenberg WooCommerce Blocks plugin <= 2.7.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-32564MEDIUMWordPress PostX plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2026-1273HIGHPostX <= 5.0.8 - Authenticated (Administrator+) Server-Side Request Forgery via REST API EndpointsEPSS 0.3%CVE-2026-2579HIGHWowStore – Store Builder & Product Blocks for WooCommerce <= 4.4.3 - Unauthenticated SQL Injection via 'search' ParameterEPSS 0.3%CVE-2026-4302HIGHWowOptin: Next-Gen Popup Maker <= 1.4.29 - Unauthenticated Server-Side Request Forgery via 'link' Parameter in REST APIEPSS 0.3%CVE-2025-69313HIGHWordPress PostX plugin <= 5.0.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-0718MEDIUMPost Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.5 - Missing Authorization to Limited Post Meta ModificationEPSS 0.3%CVE-2025-12980HIGHPost Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.3 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2026-1720HIGHWowOptin: Next-Gen Popup Maker – Create Stunning Popups and Optins for Lead Generation <= 1.4.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin InstallationEPSS 0.3%