Vulnerabilidades em Smackcoders
22 resultadosCVE-2024-43965HIGHWordPress SendGrid for WordPress plugin <= 1.4 - SQL Injection vulnerabilityEPSS 1.9%CVE-2023-4141HIGHWP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) PHP File Creation to Remote Code ExecutionEPSS 1.2%CVE-2023-4142HIGHWP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code ExecutionEPSS 1.2%CVE-2025-2008HIGHImport Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.1%CVE-2025-2007HIGHImport Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 1.0%CVE-2025-10057HIGHWP Import – Ultimate CSV XML Importer for WordPress 7.20 - 7.28 - Authenticated (Subscriber+) Remote Code Execution via Code InjectionEPSS 0.7%CVE-2025-9990HIGHWordPress Helpdesk Integration <= 5.8.10 - Unauthenticated Local File InclusionEPSS 0.7%CVE-2025-2332CRITICALExport All Posts, Products, Orders, Refunds & Users <= 2.13 - Unauthenticated PHP Object InjectionEPSS 0.7%CVE-2023-4140MEDIUMWP Ultimate CSV Importer <= 7.9.8 - Arbitrary Usermeta Update to Authenticated (Author+) Privilege EscalationEPSS 0.6%CVE-2025-10058HIGHWP Import – Ultimate CSV XML Importer for WordPress <= 7.27 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.6%CVE-2023-4139HIGHWP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory ListingEPSS 0.6%CVE-2023-45066MEDIUMWordPress WP Ultimate Exporter Plugin <= 2.4.1 is vulnerable to Sensitive Data ExposureEPSS 0.5%CVE-2024-12315HIGHExport All Posts, Products, Orders, Refunds & Users <= 2.9.3 - Information Disclosure Through Unprotected DirectoryEPSS 0.5%CVE-2023-2487MEDIUMWordPress WP Ultimate Exporter Plugin <= 2.4.1 is vulnerable to Sensitive Data ExposureEPSS 0.5%CVE-2025-13145HIGHWP Import – Ultimate CSV XML Importer for WordPress <= 7.33.1 - Authenticated (Administrator+) PHP Object Injection via CSV ImportEPSS 0.4%CVE-2024-9364MEDIUMSendGrid for WordPress <= 1.4 - Missing Authorization to Authenticated (Subscriber+) Log DeletionEPSS 0.4%CVE-2025-10040HIGHWP Import – Ultimate CSV XML Importer for WordPress <= 7.27 - Missing Authorization to Authenticated (Subscriber+) FTP/SFTP Credential ExposureEPSS 0.3%CVE-2026-1317MEDIUMWP Import – Ultimate CSV XML Importer for WordPress <= 7.37 - Authenticated (Subscriber+) SQL Injection via File NameEPSS 0.2%CVE-2025-14627MEDIUMWP Import – Ultimate CSV XML Importer for WordPress <= 7.35 - Authenticated (Contributor+) Server-Side Request Forgery via Bitly Shortlink BypassEPSS 0.2%CVE-2025-12732MEDIUMWP Import – Ultimate CSV XML Importer for WordPress <= 7.33 - Missing Authorization to Authenticated (Author+) Sensitive Information ExposureEPSS 0.2%