|
3611
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files.This issue affects WPJAM Basic: from n/a through <= 6.9.2.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32523
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3612
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de carga sin restricciones de archivo con tipo peligroso en denishua WPJAM Basic wpjam-basic permite el uso de archivos maliciosos. Este problema afecta a WPJAM Basic: desde n/a hasta …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32523
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3613
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through <= 6.4.9.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32524
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3614
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Una vulnerabilidad de carga sin restricciones de archivo con tipo peligroso en Jordy Meow Photo Engine wplr-sync permite cargar un shell web a un servidor web. Este problema afecta a Photo Engine: de…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-32524
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3615
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through <= 3.5.6…
|
CWE-94
Code Injection
|
CVE-2026-32525
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3616
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de Control Inadecuado de la Generación de Código ('Inyección de Código') en jetmonsters JetFormBuilder jetformbuilder permite la Inyección de Código. Este problema afecta a JetFormBuil…
|
CWE-94
Code Injection
|
CVE-2026-32525
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3617
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery allows Stored XSS.…
|
CWE-79
Cross-site Scripting
|
CVE-2026-32526
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3618
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery …
|
CWE-79
Cross-site Scripting
|
CVE-2026-32526
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3619
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-insightly allows Exploiting Incorrectly Configured Access Control …
|
CWE-862
Missing Authorization
|
CVE-2026-32527
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3620
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en CRM Perks WP Insightly para Contact Form 7, WPForms, Elementor, Formidable y Ninja Forms cf7-insightly permite la explotación de niveles de seguridad de con…
|
CWE-862
Missing Authorization
|
CVE-2026-32527
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
