Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2026-27659
2026-03-25
MEDIUM
4.6
Mattermost versions 11.2.x
CVE-2026-27656
2026-03-25
MEDIUM
5.7
Mattermost versions 11.4.x
CVE-2026-27095
2026-03-25
N/A
0.0
Deserialization of Untrusted Data vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Object Injection.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through
CVE-2026-27084
2026-03-25
N/A
0.0
Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object Injection.This issue affects Buisson: from n/a through
CVE-2026-27083
2026-03-25
N/A
0.0
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel-company allows Object Injection.This issue affects Work & Travel Company: from n/a through
CVE-2026-27082
2026-03-25
N/A
0.0
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through
CVE-2026-27081
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Rosebud rosebud allows PHP Local File Inclusion.This issue affects Rosebud: from…
CVE-2026-27080
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Deston deston allows PHP Local File Inclusion.This issue affects Deston: from…
CVE-2026-27079
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Amfissa amfissa allows PHP Local File Inclusion.This issue affects Amfissa: from…
CVE-2026-27078
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Emaurri emaurri allows PHP Local File Inclusion.This issue affects Emaurri: from…
CVE-2026-27077
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes MultiOffice multioffice allows PHP Local File Inclusion.This issue affects MultiOffice: from…
CVE-2026-27076
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes LuxeDrive luxedrive allows PHP Local File Inclusion.This issue affects LuxeDrive: from…
CVE-2026-27075
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Belfort belfort allows PHP Local File Inclusion.This issue affects Belfort: from…
CVE-2026-27073
2026-03-25
N/A
0.0
Use of Hard-coded Credentials vulnerability in Addi Addi – Cuotas que se adaptan a ti buy-now-pay-later-addi allows Password Recovery Exploitation.This issue affects Addi – Cuotas que se adaptan…
CVE-2026-27071
2026-03-25
N/A
0.0
Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through
CVE-2026-27051
2026-03-25
N/A
0.0
Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through
CVE-2026-27049
2026-03-25
N/A
0.0
Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobica Core jobica-core allows Authentication Abuse.This issue affects Jobica Core: from n/a through
CVE-2026-27048
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes The Aisle Core theaisle-core allows PHP Local File Inclusion.This issue affects…
CVE-2026-27047
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Curly Core curly-core allows PHP Local File Inclusion.This issue affects Curly…
CVE-2026-27046
2026-03-25
N/A
0.0
Missing Authorization vulnerability in Kaira StoreCustomizer woocustomizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects StoreCustomizer: from n/a through
CVE-2026-27045
2026-03-25
N/A
0.0
Deserialization of Untrusted Data vulnerability in sbthemes WooCommerce Infinite Scroll sb-woocommerce-infinite-scroll allows Object Injection.This issue affects WooCommerce Infinite Scroll: from n/a through
CVE-2026-27040
2026-03-25
N/A
0.0
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through
CVE-2026-27039
2026-03-25
N/A
0.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through
CVE-2026-26233
2026-03-25
MEDIUM
4.3
Mattermost versions 11.4.x
CVE-2026-25469
2026-03-25
N/A
0.0
Missing Authorization vulnerability in ViaBill for WooCommerce ViaBill – WooCommerce viabill-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ViaBill – WooCommerce: from n/a through
CVE-2026-25464
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from…
CVE-2026-25462
2026-03-25
N/A
0.0
Missing Authorization vulnerability in avalex avalex avalex allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects avalex: from n/a through
CVE-2026-25460
2026-03-25
N/A
0.0
Missing Authorization vulnerability in LiquidThemes Ave Core ave-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ave Core: from n/a through
CVE-2026-25458
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Moments moments allows PHP Local File Inclusion.This issue affects Moments: from…
CVE-2026-25457
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Mixtape mixtape allows PHP Local File Inclusion.This issue affects Mixtape: from…
CVE-2026-25456
2026-03-25
N/A
0.0
Missing Authorization vulnerability in Aarsiv Groups Automated FedEx live/manual rates with shipping labels a2z-fedex-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automated FedEx live/manual rates…
CVE-2026-25455
2026-03-25
N/A
0.0
Missing Authorization vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Slider for WooCommerce: from n/a through
CVE-2026-25454
2026-03-25
N/A
0.0
Missing Authorization vulnerability in MVPThemes The League the-league allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The League: from n/a through
CVE-2026-25437
2026-03-25
N/A
0.0
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through
CVE-2026-25430
2026-03-25
N/A
0.0
Missing Authorization vulnerability in CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms cf7-mailchimp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects…
CVE-2026-25429
2026-03-25
N/A
0.0
Deserialization of Untrusted Data vulnerability in wpdive Nexa Blocks nexa-blocks allows Object Injection.This issue affects Nexa Blocks: from n/a through
CVE-2026-25414
2026-03-25
N/A
0.0
Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Privilege Escalation.This issue affects WPBookit Pro: from n/a through
CVE-2026-25413
2026-03-25
N/A
0.0
Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through
CVE-2026-25406
2026-03-25
N/A
0.0
Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeum Tutor LMS Pro tutor-pro allows Authentication Abuse.This issue affects Tutor LMS Pro: from n/a through
CVE-2026-25401
2026-03-25
N/A
0.0
Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through
CVE-2026-25400
2026-03-25
N/A
0.0
Deserialization of Untrusted Data vulnerability in thememount Apicona apicona allows Object Injection.This issue affects Apicona: from n/a through
CVE-2026-25398
2026-03-25
N/A
0.0
Missing Authorization vulnerability in Webilia Inc. Vertex Addons for Elementor addons-for-elementor-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Vertex Addons for Elementor: from n/a through
CVE-2026-25397
2026-03-25
N/A
0.0
Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.This issue affects File Uploader for WooCommerce: from n/a through
CVE-2026-25396
2026-03-25
N/A
0.0
Missing Authorization vulnerability in CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Commerce Coinbase For WooCommerce: from n/a through
CVE-2026-25390
2026-03-25
N/A
0.0
Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through
CVE-2026-25382
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes IdealAuto idealauto allows PHP Local File Inclusion.This issue affects IdealAuto: from…
CVE-2026-25381
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes LoveDate lovedate allows PHP Local File Inclusion.This issue affects LoveDate: from…
CVE-2026-25380
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes Feedy feedy allows PHP Local File Inclusion.This issue affects Feedy: from…
CVE-2026-25379
2026-03-25
N/A
0.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes StreamVid streamvid allows PHP Local File Inclusion.This issue affects StreamVid: from…
CVE-2026-25377
2026-03-25
N/A
0.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eyecix Addon Jobsearch Chat addon-jobsearch-chat allows SQL Injection.This issue affects Addon Jobsearch Chat: from…
« Anterior
Página 78 de 4159
Siguiente »
Page load link
Go to Top
