Vulnerabilidades em smub
91 resultadosCVE-2024-3097MEDIUMWordPress Gallery Plugin – NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information DisclosureEPSS 38.0%CVE-2019-25141CRITICALEasy WP SMTP <= 1.3.9 - Missing Authorization to Arbitrary Options UpdateEPSS 4.5%CVE-2023-0586MEDIUMAll in One SEO Pack <= 4.2.9 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 2.5%CVE-2026-8832HIGHWPCode <= 2.3.5 - Authenticated (Author+) Remote Code Execution via CPT Capability Bypass via XML-RPC wp.newPostEPSS 1.2%CVE-2024-0379MEDIUMCustom Twitter Feeds – A Tweets Widget or X Feed Widget <= 2.2.1 - Cross-Site Request Forgery to Plugin Options UpdateEPSS 1.0%CVE-2024-12875MEDIUMEasy Digital Downloads <= 3.3.2 - Authenticated (Admin+) Arbitrary File DownloadEPSS 1.0%CVE-2023-0585MEDIUMAll in One SEO Pack <= 4.2.9 - Authenticated (Administrator+) Stored Cross-Site ScriptingEPSS 0.8%CVE-2023-4404CRITICALDonation Forms by Charitable <= 1.7.0.12 - Unauthenticated Privilege EscalationEPSS 0.8%CVE-2024-11205HIGHWPForms 1.8.4 - 1.9.2.1 - Missing Authorization to Authenticated (Subscriber+) Payment Refund and Subscription CancellationEPSS 0.7%CVE-2024-8791CRITICALDonation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress <= 1.8.1.14 - Insecure Direct Object Reference to Account Takeover and Privilege EscalationEPSS 0.7%CVE-2025-13641HIGHPhoto Gallery, Sliders, Proofing and Themes – NextGEN Gallery <= 3.59.12 - Authenticated (Contributor+) Local File Inclusion via 'template'EPSS 0.7%CVE-2026-5464HIGHExactMetrics <= 9.1.2 - Authenticated (Editor+) Arbitrary Plugin Installation/Activation via exactmetrics_connect_processEPSS 0.7%CVE-2024-1935HIGHGiveaways and Contests by RafflePress <= 1.12.5 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.7%CVE-2024-3649MEDIUMContact Form by WPForms – Drag & Drop Form Builder for WordPress <= 1.8.7.2 - Unauthenticated Price ManipulationEPSS 0.7%CVE-2022-2439HIGHEasy Digital Downloads – Simple eCommerce for Selling Digital Files <= 3.3.3 - Authenticated (Admin+) PHAR DeserializationEPSS 0.7%CVE-2019-25145HIGHContact Form & SMTP Plugin by PirateForms <= 2.5.1 - Unauthenticated HTML injectionEPSS 0.7%CVE-2023-3081HIGHWP Mail Logging <= 1.11.1 - Unauthenticated Stored Cross-Site Scripting via EmailEPSS 0.7%CVE-2026-1992HIGHExactMetrics 8.6.0 - 9.0.2 - Authenticated (Custom) Insecure Direct Object Reference to Arbitrary Plugin InstallationEPSS 0.6%CVE-2024-2302MEDIUMEasy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.2.9 - Sensitive Information ExposureEPSS 0.6%CVE-2024-4036MEDIUMSydney Toolbox <= 1.30 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.6%