Vulnerabilidades em techlabpro1

19 resultados

CVE-2025-7327HIGHWidget for Google Reviews <= 1.0.15 - Authenticated (Subscriber+) Directory Traversal to Local File InclusionEPSS 0.8%CVE-2025-1707HIGHReview Schema <= 2.2.4 - Authenticated (Contributor+) Local File Inclusion via Post MetaEPSS 0.6%CVE-2024-3936MEDIUMThe Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid <= 7.6.1 - Missing AuthorizationEPSS 0.6%CVE-2024-1352MEDIUMClassified Listing – Classified ads & Business Directory Plugin <= 3.0.4 - Missing AuthorizationEPSS 0.6%CVE-2024-11194HIGHClassified Listing – Classified ads & Business Directory Plugin <= 3.1.15.1 - Authenticated (Subscriber+) Limited Arbitrary Option UpdateEPSS 0.5%CVE-2024-7418MEDIUMThe Post Grid <= 7.7.11 - Authenticated (Contributor+) Information DisclosureEPSS 0.5%CVE-2024-1315HIGHClassified Listing <= 3.0.4 - Cross-Site Request Forgery to Account Takeover via rtcl_update_user_accountEPSS 0.5%CVE-2024-0836MEDIUMWordPress Review & Structure Data Schema Plugin – Review Schema <= 2.1.14 - Missing Authorization to Arbitrary Review UpdateEPSS 0.4%CVE-2024-3893MEDIUMClassified Listing – Classified ads & Business Directory Plugin <= 3.0.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment DeletionEPSS 0.4%CVE-2024-1427MEDIUMThe Post Grid <= 7.7.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via section title tagEPSS 0.3%CVE-2025-1063MEDIUMClassified Listing – Classified ads & Business Directory Plugin <= 4.0.4 - Unauthenticated Settings ExposureEPSS 0.3%CVE-2024-13439MEDIUMTeam – Team Members Showcase Plugin <= 4.4.9 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2024-7888MEDIUMClassified Listing – Classified ads & Business Directory Plugin <= 3.1.7 - Missing AuthorizationEPSS 0.3%CVE-2024-13415MEDIUMFood Menu – Restaurant Menu & Online Ordering for WooCommerce <= 5.1.4 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2026-7563MEDIUMClassified Listing <= 5.3.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via add_order_note and send_email_to_user_by_moderator AJAX ActionsEPSS 0.3%CVE-2025-5844MEDIUMRadius Blocks <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via subHeadingTagName ParameterEPSS 0.2%CVE-2026-10779MEDIUMClassified Listing <= 5.4.2 - Missing Authorization to Authenticated (Subscriber+) Feature Modification via Multiple AJAX Handlers ('listingId'/'id' Parameters)EPSS 0.2%CVE-2025-12953MEDIUMClassified Listing – AI-Powered Classified ads & Business Directory Plugin <= 5.2.0 - Missing Authorization to Authenticated (Subscriber+) Listing Types TamperingEPSS 0.2%CVE-2025-7711MEDIUMClassified Listing – Classified ads & Business Directory Plugin <= 5.0.3 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Listing DescriptionEPSS 0.2%