Total
4648 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-5321 | 1 Hamza417 | 1 Inure | 2024-11-21 | N/A | 5.5 MEDIUM |
| Missing Authorization in GitHub repository hamza417/inure prior to build94. | |||||
| CVE-2023-5311 | 1 Wpvnteam | 1 Wp Extra | 2024-11-21 | N/A | 8.8 HIGH |
| The WP EXtra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the register() function in versions up to, and including, 6.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to modify the contents of the .htaccess files located in a site's root directory or /wp-content and /wp-includes folders and achieve remote code execution. | |||||
| CVE-2023-5251 | 1 G5theme | 1 Grid Plus | 2024-11-21 | N/A | 5.4 MEDIUM |
| The Grid Plus plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'grid_plus_save_layout_callback' and 'grid_plus_delete_callback' functions in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with subscriber privileges or above, to add, update or delete grid layout. | |||||
| CVE-2023-5165 | 1 Docker | 1 Docker Desktop | 2024-11-21 | N/A | 7.1 HIGH |
| Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. This issue has been fixed in Docker Desktop 4.23.0. Affected Docker Desktop versions: from 4.13.0 before 4.23.0. | |||||
| CVE-2023-5132 | 1 Soisy | 1 Soisy Pagamento Rateale | 2024-11-21 | N/A | 7.5 HIGH |
| The Soisy Pagamento Rateale plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the parseRemoteRequest function in versions up to, and including, 6.0.1. This makes it possible for unauthenticated attackers with knowledge of an existing WooCommerce Order ID to expose sensitive WooCommerce order information (e.g., Name, Address, Email Address, and other order metadata). | |||||
| CVE-2023-5061 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A | 4.3 MEDIUM |
| An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. In certain situations, it may have been possible for developers to override predefined CI variables via the REST API. | |||||
| CVE-2023-5056 | 1 Redhat | 2 Enterprise Linux, Service Interconnect | 2024-11-21 | N/A | 6.8 MEDIUM |
| A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. This issue permits unauthorized viewing of information outside of the user's purview. | |||||
| CVE-2023-52275 | 1 Tecno-mobile | 2 Camon X, Camon X Firmware | 2024-11-21 | N/A | 2.1 LOW |
| Gallery3d on Tecno Camon X CA7 devices allows attackers to view hidden images by navigating to data/com.android.gallery3d/.privatealbum/.encryptfiles and guessing the correct image file extension. | |||||
| CVE-2023-52233 | 1 Wpexperts | 1 Post Smtp Mailer | 2024-11-21 | N/A | 8.6 HIGH |
| Missing Authorization vulnerability in Post SMTP Post SMTP Mailer/Email Log.This issue affects Post SMTP Mailer/Email Log: from n/a through 2.8.6. | |||||
| CVE-2023-52232 | 1 Booster | 1 Booster For Woocommerce | 2024-11-21 | N/A | 6.5 MEDIUM |
| Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2. | |||||
| CVE-2023-52230 | 1 Booster | 1 Booster For Woocommerce | 2024-11-21 | N/A | 6.5 MEDIUM |
| Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.3. | |||||
| CVE-2023-52229 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Save as PDF plugin by Pdfcrowd Word Replacer Pro.This issue affects Word Replacer Pro: from n/a through 1.0. | |||||
| CVE-2023-52227 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8. | |||||
| CVE-2023-52224 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Revolut Revolut Gateway for WooCommerce.This issue affects Revolut Gateway for WooCommerce: from n/a through 4.9.7. | |||||
| CVE-2023-52220 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in MonsterInsights Google Analytics by Monster Insights.This issue affects Google Analytics by Monster Insights: from n/a through 8.21.0. | |||||
| CVE-2023-52217 | 1 Wedevs | 1 Woocommerce Conversion Tracking | 2024-11-21 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11. | |||||
| CVE-2023-52211 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Automattic WP Job Manager.This issue affects WP Job Manager: from n/a through 2.0.0. | |||||
| CVE-2023-52199 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Matthias Pfefferle & Automattic ActivityPub.This issue affects ActivityPub: from n/a through 1.0.5. | |||||
| CVE-2023-52186 | 1 Woo | 1 Product Vendors | 2024-11-21 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2. | |||||
| CVE-2023-52183 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.3. | |||||