Vulnerabilidades em stellarwp

117 resultados

CVE-2025-48246MEDIUMWordPress The Events Calendar plugin <= 6.11.2.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-35679HIGHWordPress GiveWP plugin <= 3.12.0 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2026-2633MEDIUMGutenberg Blocks with AI by Kadence WP <= 3.6.1 - Missing Authorization to Authenticated (Contributor+) Unauthorized Media UploadEPSS 0.3%CVE-2025-9807HIGHThe Events Calendar <= 6.15.1 - Unauthenticated SQL InjectionEPSS 0.3%CVE-2024-5289MEDIUMGutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting in Google Maps WidgetEPSS 0.3%CVE-2024-2273MEDIUMGutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.34 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-49906MEDIUMWordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1304MEDIUMMembership Plugin – Restrict Content <= 3.2.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via Invoice SettingsEPSS 0.3%CVE-2025-22633MEDIUMWordPress Give – Divi Donation Modules plugin <= 2.0.0 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2024-9655MEDIUMGutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Icon WidgetEPSS 0.3%CVE-2026-2826MEDIUMKadence Blocks — Page Builder Toolkit for Gutenberg Editor <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media UploadEPSS 0.3%CVE-2024-13457MEDIUMEvent Tickets <= 5.18.1 - Insecure Direct Object Reference to Sensitive Information ExposureEPSS 0.3%CVE-2025-1291MEDIUMGutenberg Blocks by Kadence Blocks <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'icon'EPSS 0.3%CVE-2024-3714MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-1857MEDIUMGutenberg Blocks with AI by Kadence WP <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' ParameterEPSS 0.3%CVE-2024-12118MEDIUMThe Events Calendar <= 6.9.0 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-30794HIGHWordPress Event Tickets plugin <= 5.20.0 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2026-3079MEDIUMLearnDash LMS <= 5.0.3 - Authenticated (Contributor+) SQL Injection via 'filters[orderby_order]' ParameterEPSS 0.3%CVE-2025-11228MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 4.10.0 - Missing Authorization to Unauthenticated Forms-Campaign AssociationEPSS 0.3%CVE-2024-4208MEDIUMGutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typer EffectEPSS 0.3%

← anteriorpágina 4 / 6próxima →