Vulnerabilidades em stiofansisland
9 resultadosCVE-2024-6265CRITICALUsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by'EPSS 2.4%CVE-2024-2423MEDIUMUsersWP <= 1.2.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.4%CVE-2025-10003MEDIUMUsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP <= 1.2.44 - Authenticated (Subscriber+) SQL InjectionEPSS 0.3%CVE-2026-4979MEDIUMUsersWP <= 1.2.58 - Authenticated (Subscriber+) Server-Side Request Forgery via 'uwp_crop' ParameterEPSS 0.3%CVE-2026-4977MEDIUMUsersWP <= 1.2.58 - Authenticated (Subscriber+) Restricted Usermeta Modification via 'htmlvar' ParameterEPSS 0.3%CVE-2026-12102LOWUsersWP <= 1.2.63 - Insecure Direct Object Reference to Authenticated (Editor+) Arbitrary User Avatar/Banner Reset via 'user_id' ParameterEPSS 0.3%CVE-2026-11616HIGHEvents Calendar for GeoDirectory <= 2.3.28 - Authenticated (Subscriber+) Privilege EscalationEPSS 0.3%CVE-2026-5742MEDIUMUsersWP <= 1.2.60 - Authenticated (Subscriber+) Stored Cross-Site Scripting via User Badge Link SubstitutionEPSS 0.2%CVE-2025-9344MEDIUMUsersWP <= 1.2.42 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%