Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2022-47597 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Popup Maker Popup Maker β Popup for opt-ins, lead gen, & more.This issue affects Popup Maker β Popup for opt-ins, lead gen, ... | 5.3 | MEDIUM | β | 0 |
| CVE-2022-47599 Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager β 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager.This issue affects File Man... | 5.5 | MEDIUM | β | 0 |
| CVE-2023-26525 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs Dokan β Best WooCommerce Multivendor Marketplace Solution β Build Your Own Amazon, eBay, Et... | 7.1 | HIGH | β | 0 |
| CVE-2023-28491 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6... | 6.7 | MEDIUM | β | 0 |
| CVE-2023-28788 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter β Most Wanted Analytics Plugin for WordPress.This i... | 7.1 | HIGH | β | 0 |
| CVE-2023-29096 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft β Messages Database Plugin For WordPress.This issue ... | 8.5 | HIGH | β | 0 |
| CVE-2023-29432 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Favethemes Houzez - Real Estate WordPress Theme.This issue affects Houzez - Real Estate WordPress ... | 8.2 | HIGH | β | 0 |
| CVE-2023-49161 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Guelben Bravo Translate.This issue affects Bravo Translate: from n/a through 1.2. | 7.6 | HIGH | β | 0 |
| CVE-2023-49166 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magic Logix MSync.This issue affects MSync: from n/a through 1.0.0. | 7.6 | HIGH | β | 0 |
| CVE-2023-49752 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoon themes Adifier - Classified Ads WordPress Theme.This issue affects Adifier - Classified Ads ... | 9.3 | CRITICAL | β | 0 |
| CVE-2023-28170 Unrestricted Upload of File with Dangerous Type vulnerability in Themely Theme Demo Import.This issue affects Theme Demo Import: from n/a through 1.1.1. | 9.1 | CRITICAL | β | 0 |
| CVE-2023-29102 Unrestricted Upload of File with Dangerous Type vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | 9.1 | CRITICAL | β | 0 |
| CVE-2023-29384 Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin β JobWP.This issue affects WordPress Job Board and Recruitment Plugin β JobWP: fro... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-31215 Unrestricted Upload of File with Dangerous Type vulnerability in AmaderCode Lab Dropshipping & Affiliation with Amazon.This issue affects Dropshipping & Affiliation with Amazon: from n/a through 2.1.2... | 9.9 | CRITICAL | β | 0 |
| CVE-2023-31231 Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Element... | 9.9 | CRITICAL | β | 0 |
| CVE-2023-33318 Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40. | 9.9 | CRITICAL | β | 0 |
| CVE-2023-34007 Unrestricted Upload of File with Dangerous Type vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.3. | 9.9 | CRITICAL | β | 0 |
| CVE-2023-34385 Unrestricted Upload of File with Dangerous Type vulnerability in Akshay Menariya Export Import Menus.This issue affects Export Import Menus: from n/a through 1.8.0. | 9.9 | CRITICAL | β | 0 |
| CVE-2023-40204 Unrestricted Upload of File with Dangerous Type vulnerability in Premio Folders β Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager.This issue affects Folders β Unlimited ... | 9.1 | CRITICAL | β | 0 |
| CVE-2023-45603 Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts β Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts β Enable User... | 9.0 | CRITICAL | β | 0 |
| CVE-2023-46149 Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5. | 9.9 | CRITICAL | β | 0 |
| CVE-2023-47784 Unrestricted Upload of File with Dangerous Type vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.6.15. | 8.4 | HIGH | β | 0 |
| CVE-2023-49814 Unrestricted Upload of File with Dangerous Type vulnerability in Symbiostock symbiostock.This issue affects Symbiostock: from n/a through 6.0.0. | 9.1 | CRITICAL | β | 0 |
| CVE-2023-23970 Unrestricted Upload of File with Dangerous Type vulnerability in WooRockets Corsa.This issue affects Corsa: from n/a through 1.5. | 8.8 | HIGH | β | 0 |
| CVE-2023-25970 Unrestricted Upload of File with Dangerous Type vulnerability in Zendrop Zendrop β Global Dropshipping.This issue affects Zendrop β Global Dropshipping: from n/a through 1.0.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-45377 Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCom... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-49762 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AppMySite AppMySite β Create an app with the Best Mobile App Builder.This issue affects AppMySite β Create an app with the B... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-49778 Deserialization of Untrusted Data vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6. | 10.0 | CRITICAL | β | 0 |
| CVE-2023-49826 Deserialization of Untrusted Data vulnerability in PenciDesign Soledad β Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad β Multipurpose, Newspaper, Blog & WooCom... | 8.1 | HIGH | β | 0 |
| CVE-2023-28421 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin β WP Email Capture.This issue affects WordPress Email Marketing Plugin β WP Em... | 5.3 | MEDIUM | β | 0 |
| CVE-2023-48288 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin β JobWP.This issue affects WordPress Job Board and Recruitment Plugin β... | 7.5 | HIGH | β | 0 |
| CVE-2023-49162 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6. | 5.3 | MEDIUM | β | 0 |
| CVE-2023-22674 Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Hal Gatewood Dashicons + Custom Post Types.This issue affects Dashicons + Custom Post Types: from n/a through 1.0.2. | 5.4 | MEDIUM | β | 0 |
| CVE-2023-47525 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Event Monster β Event Management, Tickets Booking, Upcoming Event allows Stored XSS.This... | 5.9 | MEDIUM | β | 0 |
| CVE-2023-47527 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sajjad Hossain Sagor WP Edit Username allows Stored XSS.This issue affects WP Edit Username: from ... | 5.9 | MEDIUM | β | 0 |
| CVE-2023-50377 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AB-WP Simple Counter allows Stored XSS.This issue affects Simple Counter: from n/a through 1.0.2. | 5.9 | MEDIUM | β | 0 |
| CVE-2023-50822 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Currency.Wiki Currency Converter Widget β Exchange Rates allows Stored XSS.This issue affects Curr... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-50823 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wipeout Media CSS & JavaScript Toolbox allows Stored XSS.This issue affects CSS & JavaScript Toolb... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-50824 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Batt Insert or Embed Articulate Content into WordPress allows Stored XSS.This issue affects ... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-50825 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Terrier Tenacity iframe Shortcode allows Stored XSS.This issue affects iframe Shortcode: from n/a ... | 6.5 | MEDIUM | β | 0 |
| CVE-2023-50826 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons ... | 5.9 | MEDIUM | β | 0 |
| CVE-2023-50827 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Accredible Accredible Certificates & Open Badges allows Stored XSS.This issue affects Accredible C... | 5.9 | MEDIUM | β | 0 |
| CVE-2023-50828 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Vongries Ultimate Dashboard β Custom WordPress Dashboard allows Stored XSS.This issue affect... | 5.9 | MEDIUM | β | 0 |
| CVE-2025-59214 Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-20872 External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-25724 Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user expl... | 7.5 | HIGH | β | 0 |
| CVE-2026-4974 A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation ... | 8.8 | HIGH | β | 0 |
| CVE-2023-50829 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Rep... | 5.9 | MEDIUM | β | 0 |
| CVE-2023-50830 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seosbg Seos Contact Form allows Stored XSS.This issue affects Seos Contact Form: from n/a through ... | 5.9 | MEDIUM | β | 0 |
| CVE-2023-50831 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme CURCY β Multi Currency for WooCommerce allows Stored XSS.This issue affects CURCY β Mul... | 6.5 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.