Vulnerabilidades em trainingbusinesspros
11 resultadosCVE-2025-4206HIGHWordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg <= 4.1.1.2 - Authenticated (Administrator+) Arbitrary File DeletionEPSS 1.3%CVE-2025-0394HIGHGroundhogg <= 3.7.3.5 - Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload FunctionEPSS 1.1%CVE-2023-2715MEDIUMGroundhogg <= 2.7.9.8 - Missing Authorization to Admin Account and Ticket CreationEPSS 0.6%CVE-2023-2714MEDIUMGroundhogg <= 2.7.9.8 - Missing Authorization to Update LicenseEPSS 0.5%CVE-2023-2735MEDIUMGroundhogg <= 2.7.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.5%CVE-2026-4281MEDIUMFormLift for Infusionsoft Web Forms <= 7.5.21 - Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection FlowEPSS 0.5%CVE-2023-2716MEDIUMGroundhogg <= 2.7.9.8 - Missing Authorization to Non-Arbitrary File UploadEPSS 0.5%CVE-2023-2736HIGHGroundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Privilege EscalationEPSS 0.4%CVE-2025-1267MEDIUMGroundhogg <= 3.7.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via label ParameterEPSS 0.3%CVE-2023-2717MEDIUMGroundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Disable All PluginsEPSS 0.3%CVE-2025-12750MEDIUMGroundhogg <= 4.2.6.1 - Authenticated (Admin+) SQL InjectionEPSS 0.3%