|
2481
|
8.6 |
HIGH
Network
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This…
|
CWE-22
Path Traversal
|
CVE-2026-32522
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2482
|
8.6 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Limitación Incorrecta de un Nombre de Ruta a un Directorio Restringido ('Salto de Ruta') en vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system permite Salt…
|
CWE-22
Path Traversal
|
CVE-2026-32522
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2483
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files.This issue affects WPJAM Basic: from n/a through <= 6.9.2.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32523
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2484
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de carga sin restricciones de archivo con tipo peligroso en denishua WPJAM Basic wpjam-basic permite el uso de archivos maliciosos. Este problema afecta a WPJAM Basic: desde n/a hasta …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32523
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2485
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through <= 6.4.9.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32524
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2486
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Una vulnerabilidad de carga sin restricciones de archivo con tipo peligroso en Jordy Meow Photo Engine wplr-sync permite cargar un shell web a un servidor web. Este problema afecta a Photo Engine: de…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32524
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2487
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through <= 3.5.6…
|
CWE-94
Code Injection
|
CVE-2026-32525
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2488
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de Control Inadecuado de la Generación de Código ('Inyección de Código') en jetmonsters JetFormBuilder jetformbuilder permite la Inyección de Código. Este problema afecta a JetFormBuil…
|
CWE-94
Code Injection
|
CVE-2026-32525
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2489
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery allows Stored XSS.…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32526
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2490
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery …
|
CWE-79
Cross-site Scripting
|
CVE-2026-32526
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
