Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
12057.0%HIGH

Related CVEs

2
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-3915The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'aeropageDeletePost' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary posts.MEDIUM4.318.6%Apr 26, 2025
CVE-2025-3914The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aeropage_media_downloader' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.HIGH8.895.5%Apr 26, 2025