Vulnerabilidades em StellarWP

117 resultados

CVE-2025-13387HIGHKadence WooCommerce Email Designer <= 1.5.17 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-5819MEDIUMGutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.45 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via HTML Data AttributesEPSS 0.3%CVE-2023-4247MEDIUMGiveWP <= 2.33.3 - Cross-Site Request Forgery to plugin deactivationEPSS 0.3%CVE-2025-11227MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms and Campaigns DisclosureEPSS 0.3%CVE-2025-4571MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And ModificationEPSS 0.3%CVE-2023-4248MEDIUMGiveWP <= 2.33.3 - Cross-Site Request Forgery to Stripe Integration DeletionEPSS 0.2%CVE-2025-5678MEDIUMKadence Blocks – Gutenberg Blocks for Page Builder Features <= 3.5.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via `redirectURL` ParameterEPSS 0.2%CVE-2026-11357MEDIUMKadence Blocks <= 3.7.5 - Authenticated (Contributor+) Sensitive Information Exposure via Block Editor proData LocalizationEPSS 0.2%CVE-2023-4246MEDIUMGiveWP <= 2.33.3 - Cross-Site Request Forgery to plugin installationEPSS 0.2%CVE-2025-66533MEDIUMWordPress GiveWP plugin <= 4.13.1 - Arbitrary Shortocde Execution vulnerabilityEPSS 0.2%CVE-2025-12192MEDIUMThe Events Calendar <= 6.15.9 - Sysinfo Key Incorrect Comparison to Unauthenticated Sensitive Information ExposureEPSS 0.2%CVE-2026-2694MEDIUMThe Events Calendar <= 6.15.16 - Improper Authorization to Authenticated (Contributor+) Event/Organizer/Venue Update/Trash via REST APIEPSS 0.2%CVE-2024-12304MEDIUMGutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.4.2 - Authenticated (contributor+) Stored Cross-Site Scripting via Button LinkEPSS 0.2%CVE-2025-7221MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 4.5.0 - Missing Authorization to Donation UpdateEPSS 0.2%CVE-2025-12633HIGHBooking Calendar | Appointment Booking | Bookit <= 2.5.0 - Missing Authorization to Unauthenticated Stripe ConnectionEPSS 0.2%CVE-2026-32546HIGHWordPress Restrict Content plugin <= 3.2.22 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13206HIGHGiveWP - Donation Plugin and Fundraising Platform <= 4.13.0 - Unauthenticated Stored Cross-Site Scripting via 'name'EPSS 0.2%CVE-2025-5144MEDIUMThe Events Calendar <= 6.13.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site ScriptingEPSS 0.2%CVE-2024-47315MEDIUMWordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 3.15.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31433MEDIUMWordPress The Events Calendar plugin <= 6.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%

← anteriorpágina 5 / 6próxima →