Total
4648 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-51498 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Woo WooCommerce Canada Post Shipping.This issue affects WooCommerce Canada Post Shipping: from n/a through 2.8.3. | |||||
| CVE-2023-51497 | 1 Woocommerce | 1 Shipping Multiple Addresses | 2024-11-21 | N/A | 5.4 MEDIUM |
| Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.9. | |||||
| CVE-2023-51496 | 1 Woocommerce | 1 Returns And Warranty Requests | 2024-11-21 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. | |||||
| CVE-2023-51495 | 1 Woocommerce | 1 Returns And Warranty Requests | 2024-11-21 | N/A | 6.5 MEDIUM |
| Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. | |||||
| CVE-2023-51494 | 1 Woocommerce | 1 Product Vendors | 2024-11-21 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.1. | |||||
| CVE-2023-51418 | 2024-11-21 | N/A | 7.7 HIGH | ||
| Missing Authorization vulnerability in Joris van Montfort JVM rich text icons.This issue affects JVM rich text icons: from n/a through 1.2.6. | |||||
| CVE-2023-51413 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Piotnet Forms.This issue affects Piotnet Forms: from n/a through 1.0.29. | |||||
| CVE-2023-51377 | 1 Wpeverest | 1 Everest Forms | 2024-11-21 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in WPEverest Everest Forms.This issue affects Everest Forms: from n/a through 2.0.3. | |||||
| CVE-2023-51376 | 1 Brainstormforce | 1 Surefeedback | 2024-11-21 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in Brainstorm Force ProjectHuddle Client Site.This issue affects ProjectHuddle Client Site: from n/a through 1.0.34. | |||||
| CVE-2023-51375 | 1 Wpdeveloper | 1 Embedpress | 2024-11-21 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3. | |||||
| CVE-2023-50976 | 1 Redpanda | 1 Redpanda | 2024-11-21 | N/A | 9.8 CRITICAL |
| Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API. | |||||
| CVE-2023-50779 | 1 Jenkins | 1 Paaslane Estimate | 2024-11-21 | N/A | 4.3 MEDIUM |
| Missing permission checks in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified token. | |||||
| CVE-2023-50769 | 1 Jenkins | 1 Nexus Platform | 2024-11-21 | N/A | 4.3 MEDIUM |
| Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2023-50767 | 1 Jenkins | 1 Nexus Platform | 2024-11-21 | N/A | 5.4 MEDIUM |
| Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML. | |||||
| CVE-2023-50765 | 1 Jenkins | 1 Scriptler | 2024-11-21 | N/A | 4.3 MEDIUM |
| A missing permission check in Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID. | |||||
| CVE-2023-4943 | 1 Pluginus | 1 Bear - Woocommerce Bulk Editor And Products Manager Professional | 2024-11-21 | N/A | 4.3 MEDIUM |
| The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_visibility function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products. | |||||
| CVE-2023-4941 | 1 Pluginus | 1 Bear - Woocommerce Bulk Editor And Products Manager Professional | 2024-11-21 | N/A | 4.3 MEDIUM |
| The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_swap function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products. | |||||
| CVE-2023-4938 | 1 Pluginus | 1 Bear - Woocommerce Bulk Editor And Products Manager Professional | 2024-11-21 | N/A | 4.3 MEDIUM |
| The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_apply_default_combination function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products. | |||||
| CVE-2023-4895 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A | 4.3 MEDIUM |
| An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings to access environment details of projects | |||||
| CVE-2023-4700 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A | 3.5 LOW |
| An authorization issue affecting GitLab EE affecting all versions from 14.7 prior to 16.3.6, 16.4 prior to 16.4.2, and 16.5 prior to 16.5.1, allowed a user to run jobs in protected environments, bypassing any required approvals. | |||||