Every CVE whose affected-product data names Iest Winplus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-41346 — CVSS 9.8 (critical): Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows another user to be impersonated simply by…
CVE-2025-41347 — CVSS 9.8 (critical): Unlimited upload vulnerability for dangerous file types in WinPlus v24.11.27 from Informática del Este. This vulnerability allows an…
CVE-2025-41348 — CVSS 9.8 (critical): SQL injection vulnerability in WinPlus v24.11.27 by Informática del Este. This vulnerability allows an attacker recover, create, update an…
CVE-2025-41349 — CVSS 5.4 (medium): Stored Cross-site Scripting (XSS)vylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored…
CVE-2025-41350 — CVSS 5.4 (medium): Stored Cross-site Scripting (XSS)vylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored…