Total
4763 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-47362 | 1 Wpchill | 1 Strong Testimonials | 2024-11-05 | N/A | 8.8 HIGH |
| Missing Authorization vulnerability in WPChill Strong Testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through 3.1.16. | |||||
| CVE-2024-9584 | 1 Webcraftplugins | 1 Image Map Pro | 2024-11-05 | N/A | 5.4 MEDIUM |
| The Image Map Pro plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the AJAX functions in versions up to, and including, 6.0.20. This makes it possible for authenticated attackers with contributor-level privileges or above, to add, update or delete map projects. | |||||
| CVE-2024-10598 | 1 Tongda2000 | 1 Office Anywhere | 2024-11-04 | 5.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-37456 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Noptin Newsletter Noptin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Noptin: from n/a through 3.4.2. | |||||
| CVE-2024-37119 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Uncanny Owl Uncanny Automator Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator Pro: from n/a through 5.3.0.0. | |||||
| CVE-2024-43273 | 2024-11-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in icegram Icegram Collect plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram Collect plugin: from n/a through 1.3.14. | |||||
| CVE-2024-43277 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in AyeCode Ltd UsersWP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through 1.2.15. | |||||
| CVE-2024-37443 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Automattic WP Job Manager - Resume Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager - Resume Manager: from n/a through 2.1.0. | |||||
| CVE-2024-38726 | 2024-11-01 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in PickPlugins Product Designer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Product Designer: from n/a through 1.0.33. | |||||
| CVE-2024-37926 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Alex Volkov WP Accessibility Helper (WAH) allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Accessibility Helper (WAH): from n/a through 0.6.2.9. | |||||
| CVE-2024-38792 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in ConveyThis Translate Team Language Translate Widget for WordPress – ConveyThis allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Language Translate Widget for WordPress – ConveyThis: from n/a through 234. | |||||
| CVE-2024-37226 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Kanban for WordPress Kanban Boards for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21. | |||||
| CVE-2024-38737 | 2024-11-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Reservation Diary ReDi Restaurant Reservation allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReDi Restaurant Reservation: from n/a through 24.0422. | |||||
| CVE-2024-43154 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in BracketSpace Advanced Cron Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.9. | |||||
| CVE-2024-37929 | 2024-11-01 | N/A | 6.3 MEDIUM | ||
| Missing Authorization vulnerability in solwin User Activity Log Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Activity Log Pro: from n/a through 2.3.4. | |||||
| CVE-2024-43223 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in EventPrime Events EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 4.0.3.2. | |||||
| CVE-2024-37468 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in blazethemes Newsmatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newsmatic: from n/a through 1.3.1. | |||||
| CVE-2024-39635 | 2024-11-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in KaineLabs Youzify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Youzify: from n/a through 1.2.6. | |||||
| CVE-2024-39625 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24. | |||||
| CVE-2024-37276 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in fifu.App Featured Image from URL allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image from URL: from n/a through 4.8.1. | |||||