Total
2028 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-43153 | 2024-08-13 | N/A | 9.8 CRITICAL | ||
| Improper Privilege Management vulnerability in WofficeIO Woffice allows Privilege Escalation.This issue affects Woffice: from n/a through 5.4.10. | |||||
| CVE-2024-41949 | 1 Biscuitsec | 1 Biscuit-auth | 2024-08-09 | N/A | 6.4 MEDIUM |
| biscuit-rust is the Rust implementation of Biscuit, an authentication and authorization token for microservices architectures. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the necessary info to generate a third-party block and to sign it, which includes the public key of the previous block (used in the signature) and the public keys part of the token symbol table (for public key interning in datalog expressions). A third-part block request forged by a malicious user can trick the third-party authority into generating datalog trusting the wrong keypair. | |||||
| CVE-2024-7291 | 2024-08-05 | N/A | 7.2 HIGH | ||
| The JetFormBuilder plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.4.1. This is due to improper restriction on user meta fields. This makes it possible for authenticated attackers, with administrator-level and above permissions, to register as super-admins on the sites configured as multi-sites. | |||||
| CVE-2024-39633 | 2024-08-02 | N/A | 8.8 HIGH | ||
| Improper Privilege Management vulnerability in IdeaBox PowerPack for Beaver Builder allows Privilege Escalation.This issue affects PowerPack for Beaver Builder: from n/a through 2.33.0. | |||||
| CVE-2024-38775 | 2024-08-02 | N/A | 7.2 HIGH | ||
| Improper Privilege Management vulnerability in WebAppick CTX Feed allows Privilege Escalation.This issue affects CTX Feed: from n/a through 6.5.6. | |||||
| CVE-2024-39634 | 2024-08-02 | N/A | 8.8 HIGH | ||
| Improper Privilege Management vulnerability in IdeaBox PowerPack Pro for Elementor allows Privilege Escalation.This issue affects PowerPack Pro for Elementor: from n/a through 2.10.14. | |||||
| CVE-2023-52209 | 2024-08-02 | N/A | 8.0 HIGH | ||
| Improper Privilege Management vulnerability in WPForms, LLC. WPForms User Registration allows Privilege Escalation.This issue affects WPForms User Registration: from n/a through 2.1.0. | |||||
| CVE-2024-38770 | 2024-08-02 | N/A | 9.8 CRITICAL | ||
| Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication Bypass.This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.20. | |||||