Vulnerabilidades em melapress
22 resultadosCVE-2024-10793HIGHWP Activity Log <= 5.2.1 - Unauthenticated Stored Cross-Site Scripting via User_id ParameterEPSS 1.3%CVE-2025-0924HIGHWP Activity Log <= 5.2.2 - Unauthenticated Stored Cross-Site ScriptingEPSS 1.3%CVE-2020-36716HIGHWP Activity Log <= 4.0.1 - Missing AuthorizationEPSS 0.8%CVE-2025-39565MEDIUMWordPress MelaPress Login Security plugin <= 2.1.0 - PHP Object Injection VulnerabilityEPSS 0.7%CVE-2025-6895CRITICALMelaPress Login Security 2.1.0 - 2.1.1 - Authentication Bypass to Privilege Escalation via get_valid_user_based_on_token FunctionEPSS 0.6%CVE-2026-54806CRITICALWordPress WP Activity Log plugin <= 5.6.3.1 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2024-35650MEDIUMWordPress MelaPress Login Security plugin <= 1.3.0 - Remote File Inclusion vulnerabilityEPSS 0.6%CVE-2023-2261MEDIUMWP Activity Log <= 4.5.0 - Missing Capabilities Check to User EnumerationEPSS 0.6%CVE-2022-44595MEDIUMWordPress WP2FA plugin <= 2.2.0 - Broken Authentication vulnerabilityEPSS 0.5%CVE-2023-6506MEDIUMWP 2FA <= 2.5.0 - Insecure Direct Object Reference to Arbitrary Email SendingEPSS 0.5%CVE-2025-0767MEDIUMWP Activity Log 5.3.2 - Insecure deserializationEPSS 0.4%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2024-32568HIGHWordPress WP 2FA plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-1717MEDIUMAdmin Notices Manager <= 1.4.0 - Missing Authorization to Authenticated (Subscriber+) User Email RetrievalEPSS 0.4%CVE-2025-14866HIGHMelapress Role Editor <= 1.1.1 - Improper Authorization to Authenticated (Subscriber+) Privilege Escalation via Secondary Role AssignmentEPSS 0.4%CVE-2023-50905HIGHWordPress WP Activity Log Plugin <= 4.6.1 is vulnerable to Cross Site Scripting (XSS)EPSS 0.3%CVE-2025-2876MEDIUMMelaPress Login Security and MelaPress Login Security Premium 2.1.0 - Missing Authorization to Unauthenticated Arbitrary User DeletionEPSS 0.3%CVE-2023-2286MEDIUMWP Activity Log <= 4.5.0 - Cross-Site Request Forgery via ajax_run_cleanupEPSS 0.3%CVE-2023-6520MEDIUMWP 2FA – Two-factor authentication for WordPress <= 2.5.0 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-3702MEDIUMWordPress Melapress File Monitor plugin < 2.2.0 - Broken Access Control vulnerabilityEPSS 0.2%