Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2026-39533
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in AWP Classifieds
CVE-2026-39532
2026-06-15
HIGH
8.8
Contributor PHP Object Injection in Events Calendar for GeoDirectory
CVE-2026-39530
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in SpeakOut! Email Petitions
CVE-2026-39527
2026-06-15
MEDIUM
5.4
Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions.
CVE-2026-39525
2026-06-15
MEDIUM
6.5
Unauthenticated Broken Access Control in Booking Activities
CVE-2026-39524
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in Masteriyo - LMS
CVE-2026-39519
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in GeekyBot
CVE-2026-39518
2026-06-15
HIGH
7.1
Subscriber Insecure Direct Object References (IDOR) in EventPrime
CVE-2026-39515
2026-06-15
MEDIUM
6.5
Subscriber Broken Access Control in Motors < 1.4.107 versions.
CVE-2026-39514
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in Paid Member Subscriptions
CVE-2026-39513
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in Easy Appointments
CVE-2026-39512
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in GeoDirectory
CVE-2026-39511
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in WP Photo Album Plus
CVE-2026-39507
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in Social Slider Feed
CVE-2026-39503
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in Easy Digital Downloads
CVE-2026-39502
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in Form Maker by 10Web
CVE-2026-39499
2026-06-15
HIGH
7.2
Shop manager PHP Object Injection in Advanced Product Fields (Product Addons) for WooCommerce
CVE-2026-39498
2026-06-15
HIGH
7.2
Shop manager PHP Object Injection in YayMail
CVE-2026-39493
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in Simply Schedule Appointments
CVE-2026-39492
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in WP Maps
CVE-2026-39491
2026-06-15
MEDIUM
6.5
Subscriber Cross Site Scripting (XSS) in JupiterX Core
CVE-2026-39489
2026-06-15
MEDIUM
4.4
Author Arbitrary File Download in Download Monitor
CVE-2026-39481
2026-06-15
HIGH
7.2
Author PHP Object Injection in Modula Image Gallery
CVE-2026-39480
2026-06-15
HIGH
7.5
Unauthenticated Sensitive Data Exposure in Backup Migration
CVE-2026-39478
2026-06-15
HIGH
8.8
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall
CVE-2026-39474
2026-06-15
HIGH
8.8
Contributor PHP Object Injection in Post Duplicator
CVE-2026-39472
2026-06-15
HIGH
7.2
Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips < 5.9.0 versions.
CVE-2026-39471
2026-06-15
HIGH
7.2
Author PHP Object Injection in ShortPixel Image Optimizer
CVE-2026-39470
2026-06-15
HIGH
7.2
Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery < 2.1.0 versions.
CVE-2026-39468
2026-06-15
MEDIUM
6.8
Contributor Arbitrary File Deletion in Meta Box – WordPress Custom Fields Framework
CVE-2026-39465
2026-06-15
CRITICAL
9.1
Editor Remote Code Execution (RCE) in Responsive Slider by MetaSlider
CVE-2026-39463
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in ManageWP Worker
CVE-2026-39451
2026-06-15
MEDIUM
6.3
Unauthenticated Cross Site Scripting (XSS) in WP Google Review Slider
CVE-2026-39450
2026-06-15
HIGH
7.1
Subscriber Broken Authentication in FunnelKit Automations
CVE-2026-39449
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in Contact Form to Any API
CVE-2026-39447
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments
CVE-2026-39441
2026-06-15
CRITICAL
9.3
Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free
CVE-2026-39435
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in CformsII
CVE-2026-39434
2026-06-15
HIGH
7.2
Shop manager PHP Object Injection in CTX Feed
CVE-2026-34902
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in WooCommerce Product Table Lite
CVE-2026-34901
2026-06-15
CRITICAL
9.8
Unauthenticated Privilege Escalation in iControlWP
CVE-2026-34900
2026-06-15
HIGH
7.1
Unauthenticated Cross Site Scripting (XSS) in GiveWP
CVE-2026-34898
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce
CVE-2026-34892
2026-06-15
MEDIUM
6.5
Subscriber Broken Access Control in Rank Math SEO
CVE-2026-34891
2026-06-15
HIGH
7.5
Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce
CVE-2026-34886
2026-06-15
HIGH
7.5
Unauthenticated Broken Access Control in Simple Membership
CVE-2026-27407
2026-06-15
HIGH
7.2
Editor Privilege Escalation in AI Engine
CVE-2026-27333
2026-06-15
HIGH
8.1
Unauthenticated Deserialization of untrusted data in Paid Videochat Turnkey Site
CVE-2026-27089
2026-06-15
HIGH
7.5
Unauthenticated Bypass Vulnerability in WpTravelly
CVE-2026-27053
2026-06-15
CRITICAL
9.8
Unauthenticated PHP Object Injection in Broadcast Live Video < 7.1.3 versions.
« Anterior
Página 97 de 4528
Siguiente »
Page load link
Go to Top