Vulnerabilidades em WPClever
33 resultadosCVE-2024-10436HIGHWPC Smart Messages for WooCommerce <= 4.2.1 - Authenticated (Subscriber+) Local File InclusionEPSS 0.7%CVE-2025-30772HIGHWordPress WPC Smart Upsell Funnel for WooCommerce plugin <= 3.0.4 - Arbitrary Option Update to Privilege Escalation vulnerabilityEPSS 0.6%CVE-2024-12432HIGHWPC Shop as a Customer for WooCommerce <= 1.2.8 - Authentication Bypass Due to Insufficiently Unique KeyEPSS 0.5%CVE-2024-50416HIGHWordPress WPC Shop as a Customer for WooCommerce plugin <= 1.2.6 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-30825HIGHWordPress WPC Smart Linked Products plugin <= 1.3.5 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2024-5020MEDIUMMultiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript LibraryEPSS 0.4%CVE-2025-60248HIGHWordPress WPC Product Options for WooCommerce plugin <= 3.1.3 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2024-43312MEDIUMWordPress WPC Frequently Bought Together for WooCommerce plugin <= 7.1.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32687MEDIUMWordPress WPC Frequently Bought Together for WooCommerce plugin <= 7.0.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-49061HIGHWordPress WPC Product Options for WooCommerce plugin <= 3.2.1 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2024-10437MEDIUMWPC Smart Messages for WooCommerce <= 4.2.1 - Missing Authorization to Authenticated (Subscriber+) Message Activation/DeactivationEPSS 0.4%CVE-2024-2838MEDIUMWPC Composite Products for WooCommerce <= 7.2.7 - Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-3418HIGHWPC Admin Columns 2.0.6 - 2.1.0 - Authenticated (Subscriber+) Privilege Escalation via User Meta UpdateEPSS 0.3%CVE-2024-32520MEDIUMWordPress WPC Grouped Product for WooCommerce plugin <= 4.4.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-6494MEDIUMWPC Smart Quick View for WooCommerce <= 4.0.2 - Authenticated (Administrator+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-30537MEDIUMWordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-34386MEDIUMWordPress WPC Smart Wishlist for WooCommerce Plugin <= 4.7.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-11741MEDIUMWPC Smart Quick View for WooCommerce <= 4.2.5 - Insecure Direct Object Reference to Unauthenticated Private Product ExposureEPSS 0.3%CVE-2025-11742MEDIUMWPC Smart Wishlist for WooCommerce <= 5.0.4 - Missing Authorization to Authenticated (Subscriber+) Information ExposureEPSS 0.3%CVE-2025-12115HIGHWPC Name Your Price for WooCommerce <= 2.1.9 - Unauthenticated Price AlterationEPSS 0.2%