Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2026-42651
2026-06-15
MEDIUM
6.3
Subscriber Broken Access Control in Classified Listing
CVE-2026-42650
2026-06-15
HIGH
7.2
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP
CVE-2026-42649
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in Favicon Rotator
CVE-2026-42640
2026-06-15
MEDIUM
6.5
Unauthenticated Broken Access Control in Classified Listing
CVE-2026-42639
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in GD Rating System
CVE-2026-42411
2026-06-15
HIGH
8.1
Unauthenticated Broken Authentication in CloudSecure WP Security
CVE-2026-42386
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in Order Delivery Date for WooCommerce
CVE-2026-42384
2026-06-15
HIGH
7.5
Unauthenticated Sensitive Data Exposure in Simply Schedule Appointments < 1.6.11.2 versions.
CVE-2026-42381
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in Funnel Builder by FunnelKit
CVE-2026-42378
2026-06-15
MEDIUM
6.5
Subscriber Broken Authentication in WP Full Stripe Free
CVE-2026-41556
2026-06-15
MEDIUM
6.5
Subscriber Cross Site Scripting (XSS) in ProfilePress
CVE-2026-40799
2026-06-15
MEDIUM
5.3
Unauthenticated Broken Authentication in Simple Cloudflare Turnstile
CVE-2026-40798
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in wpForo Forum
CVE-2026-40796
2026-06-15
MEDIUM
6.5
Subscriber Sensitive Data Exposure in WPPizza
CVE-2026-40795
2026-06-15
MEDIUM
6.5
Subscriber Broken Access Control in Amelia
CVE-2026-40794
2026-06-15
MEDIUM
6.5
Subscriber Broken Access Control in myCred
CVE-2026-40793
2026-06-15
MEDIUM
6.5
Subscriber Broken Access Control in Groundhogg < 4.4.1 versions.
CVE-2026-40792
2026-06-15
MEDIUM
6.3
Subscriber Insecure Direct Object References (IDOR) in KiviCare
CVE-2026-40791
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in WP Time Slots Booking Form
CVE-2026-40790
2026-06-15
MEDIUM
6.5
Subscriber Sensitive Data Exposure in WP SMS
CVE-2026-40789
2026-06-15
HIGH
7.5
Unauthenticated Sensitive Data Exposure in Amelia
CVE-2026-40788
2026-06-15
HIGH
7.1
Subscriber Broken Access Control in ChatBot
CVE-2026-40787
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master
CVE-2026-40785
2026-06-15
HIGH
7.1
Subscriber Broken Authentication in AutomatorWP
CVE-2026-40782
2026-06-15
MEDIUM
6.5
Unauthenticated Broken Access Control in WPAdverts
CVE-2026-40781
2026-06-15
HIGH
7.5
Unauthenticated Broken Authentication in ReviewX
CVE-2026-40779
2026-06-15
HIGH
7.7
Contributor Arbitrary File Deletion in Link Library
CVE-2026-40776
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in WP Event SOlution
CVE-2026-40775
2026-06-15
HIGH
7.3
Unauthenticated Broken Access Control in Royal MCP
CVE-2026-40774
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in Booking Package
CVE-2026-40773
2026-06-15
MEDIUM
6.5
Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress
CVE-2026-40772
2026-06-15
CRITICAL
10.0
Unauthenticated Arbitrary File Upload in GeekyBot
CVE-2026-40771
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in Contest Gallery
CVE-2026-40770
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in Coupon Affiliates
CVE-2026-40769
2026-06-15
HIGH
8.6
Unauthenticated Arbitrary File Deletion in Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field
CVE-2026-40767
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in wpForo Forum < 3.0.2 versions.
CVE-2026-40766
2026-06-15
HIGH
8.5
Subscriber SQL Injection in MasterStudy LMS
CVE-2026-40762
2026-06-15
HIGH
7.5
Unauthenticated SQL Injection in WPGraphQL < 2.11.1 versions.
CVE-2026-40743
2026-06-15
MEDIUM
6.5
Unauthenticated Broken Access Control in Tutor LMS
CVE-2026-40741
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in Redsys for WooCommerce Light
CVE-2026-40732
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in Notification for Telegram
CVE-2026-40727
2026-06-15
HIGH
7.7
Sales Representative Arbitrary File Deletion in Groundhogg
CVE-2026-39594
2026-06-15
MEDIUM
6.4
Subscriber Broken Access Control in Ultra Addons for WPForms
CVE-2026-39591
2026-06-15
CRITICAL
9.9
Subscriber Arbitrary File Upload in WP-BusinessDirectory
CVE-2026-39587
2026-06-15
HIGH
8.1
Unauthenticated Privilege Escalation in WP BASE Booking
CVE-2026-39584
2026-06-15
MEDIUM
6.5
Subscriber Broken Access Control in RepairBuddy
CVE-2026-39583
2026-06-15
CRITICAL
9.8
Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery
CVE-2026-39579
2026-06-15
HIGH
8.8
Contributor Privilege Escalation in B Blocks
CVE-2026-39540
2026-06-15
MEDIUM
6.5
Subscriber Cross Site Scripting (XSS) in Shipment Tracker for Woocommerce
CVE-2026-39534
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in WP Directory Kit
« Anterior
Página 96 de 4528
Siguiente »
Page load link
Go to Top