Vulnerabilidades em Wpmet
26 resultadosCVE-2024-3500HIGHElementsKit Pro <= 3.6.0 - Authenticated (Contributor+) Local File Inclusion via Price Menu, Hotspot, and Advanced Toggle WidgetsEPSS 1.1%CVE-2021-24258—ElementsKit and ElementsKit Pro < 2.2.0 - Contributor+ Stored XSSEPSS 0.6%CVE-2022-47160MEDIUMWordPress Wp Social Plugin <= 1.9.0 is vulnerable to Sensitive Data ExposureEPSS 0.6%CVE-2024-32683MEDIUMWordPress WP Ultimate Review plugin <= 2.2.5 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.5%CVE-2026-24611CRITICALWordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-34758MEDIUMWordPress FundEngine – Donation and Crowdfunding Platform plugin <= 1.6.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32685MEDIUMWordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerabilityEPSS 0.4%CVE-2024-32684MEDIUMWordPress WP Ultimate Review plugin <= 2.2.5 - Broken Access Control on Review vulnerabilityEPSS 0.4%CVE-2023-28751MEDIUMWordPress Wp Ultimate Review Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2024-7063MEDIUMElementsKit Pro <= 3.6.6 - Authenticated (Contributor+) Sensitive Information ExposureEPSS 0.4%CVE-2024-3598MEDIUMElementsKit Pro <= 3.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'ekit_btn_id'EPSS 0.3%CVE-2024-4404HIGHElementsKit PRO <= 3.6.1 - Authenticated (Contributor+) Server-Side Request ForgeryEPSS 0.3%CVE-2023-28987MEDIUMWordPress Wp Ultimate Review Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2026-1261HIGHMetForm Pro <= 3.9.6 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.3%CVE-2023-39993MEDIUMWordPress ElementsKit Lite plugin <= 2.9.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1782MEDIUMMetForm Pro <= 3.9.7 - Unauthenticated Payment Amount Manipulation via 'mf-calculation'EPSS 0.3%CVE-2024-4452MEDIUMElementsKit Pro <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-5263MEDIUMElementsKit Elementor addons and Templates Library <= 3.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Motion Text and Table WidgetsEPSS 0.3%CVE-2024-7064MEDIUMElementsKit Pro <= 3.6.5 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2022-45371MEDIUMWordPress ShopEngine Plugin <= 4.1.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%