CVE-2025-66529
- EPSS 0.02%
- Veröffentlicht 09.12.2025 14:13:53
- Zuletzt bearbeitet 11.12.2025 20:16:30
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify chart-builder allows Cross Site Request Forgery.This issue affects Chartify: from n/a through <= 3.6.3.
CVE-2025-11171
- EPSS 0.28%
- Veröffentlicht 08.10.2025 05:24:49
- Zuletzt bearbeitet 08.10.2025 19:38:09
The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to adm...
CVE-2025-54673
- EPSS 0.02%
- Veröffentlicht 14.08.2025 10:34:40
- Zuletzt bearbeitet 14.08.2025 13:11:53
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify allows Cross Site Request Forgery. This issue affects Chartify: from n/a through 3.5.3.
CVE-2025-30904
- EPSS 0.04%
- Veröffentlicht 27.03.2025 10:55:51
- Zuletzt bearbeitet 27.03.2025 16:45:12
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Chartify allows Stored XSS. This issue affects Chartify: from n/a through 3.1.7.
CVE-2024-10571
- EPSS 81.08%
- Veröffentlicht 14.11.2024 11:15:04
- Zuletzt bearbeitet 19.11.2024 15:46:52
The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbit...
CVE-2023-47526
- EPSS 0.05%
- Veröffentlicht 12.02.2024 07:15:07
- Zuletzt bearbeitet 21.11.2024 08:30:23
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chart Builder Team Chartify – WordPress Chart Plugin allows Stored XSS.This issue affects Chartify – WordPress Chart Plugin: from n/a through 2.0.6....