Fullservices Full – Cliente

5 CVEs affecting Fullservices Full – Cliente. Latest disclosed: 2025-05-02. Critical: 0, High: 2.

Top CVEs affecting Fullservices Full – Cliente
CVESeverityScorePublishedSummary
CVE-2023-4243High8.82023-08-09The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due…
CVE-2024-6447High7.22024-07-11The FULL – Cliente plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the license plan parameter in all versions up to, and including, 3.1.1…
CVE-2024-12023Medium6.52025-05-02The FULL – Cliente plugin for WordPress is vulnerable to SQL Injection via the 'formId' parameter in all versions 3.1.5 to 3.1.25 due to insufficient escaping…
CVE-2024-9211Medium6.12024-10-11The FULL – Cliente plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate…
CVE-2023-4242Medium4.32023-08-09The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to impr…