Vulnerabilidades em wpextended
14 resultadosCVE-2024-8104HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Directory Traversal to Authenticated (Subscriber+) Arbitrary File DownloadEPSS 1.0%CVE-2024-11816HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.11 - Missing Authorization to Authenticated (Subscriber+) Remote Code ExecutionEPSS 0.7%CVE-2024-13184HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.12 - Unauthenticated SQL Injection via Login Attempts ModuleEPSS 0.5%CVE-2024-8102HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.5%CVE-2024-8106MEDIUMThe Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Authenticated (Subscriber+) Sensitive Information ExposureEPSS 0.5%CVE-2024-9347MEDIUMThe Ultimate WordPress Toolkit – WP Extended <= 3.0.9 - Reflected Cross-Site ScriptingEPSS 0.5%CVE-2024-8119MEDIUMThe Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Reflected Cross-Site Scripting via pageEPSS 0.4%CVE-2024-8117MEDIUMThe Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Reflected Cross-Site Scripting via selected_optionEPSS 0.4%CVE-2024-8121MEDIUMThe Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Missing Authorization to Admin Username ChangeEPSS 0.3%CVE-2024-8123MEDIUMThe Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Insecure Direct Object ReferenceEPSS 0.3%CVE-2024-13554MEDIUMThe Ultimate WordPress Toolkit – WP Extended <= 3.0.13 - Missing Authorization to Unauthenticated Post Order ManipulationEPSS 0.3%CVE-2026-4314HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.2.4 - Authenticated (Subscriber+) Privilege Escalation via Menu Editor ModuleEPSS 0.3%CVE-2025-4963MEDIUMWP Extended <= 3.0.15 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File UploadEPSS 0.2%CVE-2024-11916HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.11 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.2%