Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2023-23656 Unrestricted Upload of File with Dangerous Type vulnerability in MainWP MainWP File Uploader Extension.This issue affects MainWP File Uploader Extension: from n/a through 4.1. | 10.0 | CRITICAL | — | 0 |
| CVE-2023-25965 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in mbbhatti Upload Resume.This issue affects Upload Resume: from n/a through 1.2.0. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-27440 Unrestricted Upload of File with Dangerous Type vulnerability in OnTheGoSystems Types.This issue affects Types: from n/a through 3.4.17. | 7.2 | HIGH | — | 0 |
| CVE-2023-27459 Deserialization of Untrusted Data vulnerability in WPEverest User Registration.This issue affects User Registration: from n/a through 2.3.2.1. | 7.4 | HIGH | — | 0 |
| CVE-2023-27630 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.0.9.0. | 5.3 | MEDIUM | — | 0 |
| CVE-2023-6091 Unrestricted Upload of File with Dangerous Type vulnerability in mndpsingh287 Theme Editor.This issue affects Theme Editor: from n/a through 2.7.1. | 7.2 | HIGH | — | 0 |
| CVE-2023-28687 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazi... | 7.1 | HIGH | — | 0 |
| CVE-2023-28787 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1... | 9.3 | CRITICAL | — | 0 |
| CVE-2023-29386 Unrestricted Upload of File with Dangerous Type vulnerability in Julien Crego Manager for Icomoon.This issue affects Manager for Icomoon: from n/a through 2.0. | 9.1 | CRITICAL | — | 0 |
| CVE-2023-38388 Unrestricted Upload of File with Dangerous Type vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from n/a through 3.3.5. | 9.0 | CRITICAL | — | 0 |
| CVE-2023-39307 Unrestricted Upload of File with Dangerous Type vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1. | 8.5 | HIGH | — | 0 |
| CVE-2023-47842 Unrestricted Upload of File with Dangerous Type vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0. | 9.1 | CRITICAL | — | 0 |
| CVE-2023-47846 Unrestricted Upload of File with Dangerous Type vulnerability in Terry Lin WP Githuber MD.This issue affects WP Githuber MD: from n/a through 1.16.2. | 9.1 | CRITICAL | — | 0 |
| CVE-2023-47873 Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutions WP Child Theme Generator.This issue affects WP Child Theme Generator: from n/a through 1.0.9. | 9.1 | CRITICAL | — | 0 |
| CVE-2023-48275 Unrestricted Upload of File with Dangerous Type vulnerability in Trustindex.Io Widgets for Google Reviews.This issue affects Widgets for Google Reviews: from n/a through 11.0.2. | 8.0 | HIGH | — | 0 |
| CVE-2023-48777 Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1. | 9.9 | CRITICAL | — | 0 |
| CVE-2023-39306 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a throug... | 7.1 | HIGH | — | 0 |
| CVE-2023-49815 Unrestricted Upload of File with Dangerous Type vulnerability in WappPress Team WappPress.This issue affects WappPress: from n/a through 5.0.3. | 10.0 | CRITICAL | — | 0 |
| CVE-2023-52228 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: fro... | 6.5 | MEDIUM | — | 0 |
| CVE-2022-45847 Cross-Site Request Forgery (CSRF) vulnerability in WPAssist.Me WordPress Countdown Widget allows Cross-Site Scripting (XSS).This issue affects WordPress Countdown Widget: from n/a through 3.1.9.1. | 6.1 | MEDIUM | — | 0 |
| CVE-2023-34020 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3. | 4.7 | MEDIUM | — | 0 |
| CVE-2023-39311 Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | 7.1 | HIGH | — | 0 |
| CVE-2023-44999 Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.0. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-34370 Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates, Brainstorm Force Premium Starter Templates.This issue affects ... | 7.1 | HIGH | — | 0 |
| CVE-2023-36679 Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6. | 7.1 | HIGH | — | 0 |
| CVE-2022-45850 Cross-Site Request Forgery (CSRF) vulnerability in Nickys Image Map Pro allows Stored XSS.This issue affects Image Map Pro: from n/a before 5.6.9. | 6.1 | MEDIUM | — | 0 |
| CVE-2023-23649 Deserialization of Untrusted Data vulnerability in MainWP MainWP Links Manager Extension.This issue affects MainWP Links Manager Extension: from n/a through 2.1. | 8.1 | HIGH | — | 0 |
| CVE-2023-39309 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | 8.5 | HIGH | — | 0 |
| CVE-2023-50374 Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10. | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52231 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-52234 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-22138 Insertion of Sensitive Information into Log File vulnerability in Seraphinite Solutions Seraphinite Accelerator.This issue affects Seraphinite Accelerator: from n/a through 2.20.47. | 5.3 | MEDIUM | — | 0 |
| CVE-2023-25699 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This is... | 9.0 | CRITICAL | — | 0 |
| CVE-2022-44633 Missing Authorization vulnerability in YITH YITH WooCommerce Gift Cards Premium.This issue affects YITH WooCommerce Gift Cards Premium: from n/a through 3.23.1. | 6.5 | MEDIUM | — | 0 |
| CVE-2022-47604 Missing Authorization vulnerability in junkcoder, ristoniinemets AJAX Thumbnail Rebuild.This issue affects AJAX Thumbnail Rebuild: from n/a through 1.13. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-27607 Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce.This issue affects Points and Rewards for WooCommerce: from n/a through 1.5.0. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-51409 Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98. | 10.0 | CRITICAL | — | 0 |
| CVE-2023-51499 Missing Authorization vulnerability in WooCommerce WooCommerce Shipping Per Product.This issue affects WooCommerce Shipping Per Product: from n/a through 2.5.4. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-51515 Missing Authorization vulnerability in Undsgn Uncode Core allows Privilege Escalation.This issue affects Uncode Core: from n/a through 2.8.8. | 8.8 | HIGH | — | 0 |
| CVE-2023-52211 Missing Authorization vulnerability in Automattic WP Job Manager.This issue affects WP Job Manager: from n/a through 2.0.0. | 5.3 | MEDIUM | — | 0 |
| CVE-2023-52144 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.This issue affects Product Feed Manager: from n/a through 7.3.15. | 5.5 | MEDIUM | — | 0 |
| CVE-2023-40000 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from ... | 8.3 | HIGH | — | 0 |
| CVE-2023-45000 Missing Authorization vulnerability in LiteSpeed Technologies LiteSpeed Cache.This issue affects LiteSpeed Cache: from n/a through 5.7. | 8.2 | HIGH | — | 0 |
| CVE-2023-25043 Incorrect Authorization vulnerability in Supsystic Data Tables Generator.This issue affects Data Tables Generator: from n/a through 1.10.25. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-36505 Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24. | 6.8 | MEDIUM | — | 0 |
| CVE-2023-44227 Missing Authorization vulnerability in Mitchell Bennis Simple File List.This issue affects Simple File List: from n/a through 6.1.9. | 7.5 | HIGH | — | 0 |
| CVE-2024-1350 Missing Authorization vulnerability in Prasidhda Malla Honeypot for WP Comment.This issue affects Honeypot for WP Comment: from n/a through 2.2.3. | 5.3 | MEDIUM | — | 0 |
| CVE-2022-41698 Missing Authorization vulnerability in Layered If Menu.This issue affects If Menu: from n/a through 0.16.3. | 6.5 | MEDIUM | — | 0 |
| CVE-2022-47151 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best... | 8.6 | HIGH | — | 0 |
| CVE-2023-51418 Missing Authorization vulnerability in Joris van Montfort JVM rich text icons.This issue affects JVM rich text icons: from n/a through 1.2.6. | 7.7 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.