Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-68863
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zack Katz iContact for Gravity Forms gravity-forms-icontact allows Reflected XSS.This issue affects iContact for Gravity Forms:…
CVE-2025-68862
2026-02-20
N/A
0.0
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Murtaza Bhurgri Woo File Dropzone woo-file-dropzone allows Path Traversal.This issue affects Woo File Dropzone: from…
CVE-2025-68856
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in keeswolters Mopinion Feedback Form mopinion-feedback-form allows DOM-Based XSS.This issue affects Mopinion Feedback Form: from n/a through
CVE-2025-68855
2026-02-20
N/A
0.0
Insertion of Sensitive Information Into Sent Data vulnerability in themeglow JobBoard Job listing job-board-light allows Retrieve Embedded Sensitive Data.This issue affects JobBoard Job listing: from n/a through
CVE-2025-68854
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in harman79 ID Arrays id-arrays allows DOM-Based XSS.This issue affects ID Arrays: from n/a through
CVE-2025-68853
2026-02-20
N/A
0.0
Deserialization of Untrusted Data vulnerability in Kleor Contact Manager contact-manager allows Object Injection.This issue affects Contact Manager: from n/a through
CVE-2025-68852
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webmuehle Court Reservation court-reservation allows Reflected XSS.This issue affects Court Reservation: from n/a through
CVE-2025-68848
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anmari amr cron manager amr-cron-manager allows Reflected XSS.This issue affects amr cron manager: from n/a through
CVE-2025-68847
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in itex iSape isape allows Reflected XSS.This issue affects iSape: from n/a through
CVE-2025-68846
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paris Holley Asynchronous Javascript asynchronous-javascript allows Reflected XSS.This issue affects Asynchronous Javascript: from n/a through
CVE-2025-68845
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Reflected XSS.This issue affects eDS Responsive Menu: from n/a…
CVE-2025-68844
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DaleAB Membee Login membees-member-login-widget allows Reflected XSS.This issue affects Membee Login: from n/a through
CVE-2025-68843
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bas Schuiling FeedWordPress Advanced Filters faf allows Reflected XSS.This issue affects FeedWordPress Advanced Filters: from n/a…
CVE-2025-68842
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in totalbounty Widget Logic Visual widget-logic-visual allows Reflected XSS.This issue affects Widget Logic Visual: from n/a through
CVE-2025-68841
2026-02-20
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder topper-pack allows…
CVE-2025-68837
2026-02-20
N/A
0.0
Missing Authorization vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ELEX WordPress HelpDesk & Customer…
CVE-2025-68834
2026-02-20
N/A
0.0
Missing Authorization vulnerability in Saiful Islam Sync Master Sheet – Product Sync with Google Sheet for WooCommerce product-sync-master-sheet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects…
CVE-2025-68564
2026-02-20
N/A
0.0
Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through
CVE-2025-68552
2026-02-20
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebCodingPlace WooCommerce Coming Soon Product with Countdown woo-coming-soon-product allows PHP Local File…
CVE-2025-68549
2026-02-20
N/A
0.0
Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Wiguard wiguard allows Upload a Web Shell to a Web Server.This issue affects Wiguard: from n/a through <…
CVE-2025-68545
2026-02-20
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from…
CVE-2025-68543
2026-02-20
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Diza diza allows PHP Local File Inclusion.This issue affects Diza: from…
CVE-2025-68542
2026-02-20
N/A
0.0
Missing Authorization vulnerability in vgdevsolutions Checkout Gateway for IRIS checkout-gateway-iris allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout Gateway for IRIS: from n/a through
CVE-2025-68541
2026-02-20
N/A
0.0
Deserialization of Untrusted Data vulnerability in BoldThemes Ippsum ippsum allows Object Injection.This issue affects Ippsum: from n/a through
CVE-2025-68539
2026-02-20
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from…
CVE-2025-68536
2026-02-20
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from…
CVE-2025-68534
2026-02-20
N/A
0.0
Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through
CVE-2025-68531
2026-02-20
N/A
0.0
Deserialization of Untrusted Data vulnerability in modeltheme ModelTheme Addons for WPBakery and Elementor modeltheme-addons-for-wpbakery allows Object Injection.This issue affects ModelTheme Addons for WPBakery and Elementor: from n/a through…
CVE-2025-68526
2026-02-20
N/A
0.0
Deserialization of Untrusted Data vulnerability in A WP Life Modal Popup Box modal-popup-box allows Object Injection.This issue affects Modal Popup Box: from n/a through
CVE-2025-68514
2026-02-20
N/A
0.0
Authorization Bypass Through User-Controlled Key vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Paid Member Subscriptions: from n/a through
CVE-2025-68501
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mollie Mollie Payments for WooCommerce mollie-payments-for-woocommerce allows Reflected XSS.This issue affects Mollie Payments for WooCommerce: from…
CVE-2025-68495
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through
CVE-2025-68069
2026-02-20
N/A
0.0
Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through
CVE-2025-68051
2026-02-20
N/A
0.0
Authorization Bypass Through User-Controlled Key vulnerability in Shiprocket Shiprocket shiprocket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shiprocket: from n/a through
CVE-2025-68050
2026-02-20
N/A
0.0
Missing Authorization vulnerability in Leadpages Leadpages leadpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadpages: from n/a through
CVE-2025-68048
2026-02-20
N/A
0.0
Missing Authorization vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through
CVE-2025-68043
2026-02-20
N/A
0.0
Missing Authorization vulnerability in LottieFiles LottieFiles lottiefiles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LottieFiles: from n/a through
CVE-2025-68042
2026-02-20
N/A
0.0
Missing Authorization vulnerability in Travelpayouts Travelpayouts travelpayouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travelpayouts: from n/a through
CVE-2025-68037
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atlas Gondal Export Media URLs export-media-urls allows Reflected XSS.This issue affects Export Media URLs: from n/a…
CVE-2025-68032
2026-02-20
N/A
0.0
Missing Authorization vulnerability in Passionate Brains Advanced WC Analytics advance-wc-analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced WC Analytics: from n/a through
CVE-2025-68031
2026-02-20
N/A
0.0
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in faraz sms افزونه پیامک حرفه ای فراز اس ام اس farazsms allows Reflected XSS.This issue affects…
CVE-2025-68028
2026-02-20
N/A
0.0
Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GA4WP: Google Analytics for WordPress: from…
CVE-2025-68026
2026-02-20
N/A
0.0
Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LC Wizard: from n/a through
CVE-2025-68025
2026-02-20
N/A
0.0
Missing Authorization vulnerability in Addonify Addonify Floating Cart For WooCommerce addonify-floating-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify Floating Cart For WooCommerce: from n/a…
CVE-2025-68024
2026-02-20
N/A
0.0
Missing Authorization vulnerability in Addonify Addonify – WooCommerce Wishlist addonify-wishlist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – WooCommerce Wishlist: from n/a through
CVE-2025-68023
2026-02-20
N/A
0.0
Missing Authorization vulnerability in Addonify Addonify – Compare Products For WooCommerce addonify-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify – Compare Products For WooCommerce:…
CVE-2025-68022
2026-02-20
N/A
0.0
Missing Authorization vulnerability in soporteblue Plugin BlueX for WooCommerce bluex-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Plugin BlueX for WooCommerce: from n/a through
CVE-2025-68021
2026-02-20
N/A
0.0
Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through
CVE-2025-68005
2026-02-20
N/A
0.0
Missing Authorization vulnerability in themewant Easy Hotel Booking easy-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Hotel Booking: from n/a through
CVE-2025-68002
2026-02-20
N/A
0.0
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a…
« Anterior
Página 273 de 4227
Siguiente »
Page load link
Go to Top
