Total
6753 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37203 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Laybuy Payment Extension for WooCommerce: from n/a through 5.3.9. | |||||
| CVE-2024-37506 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Charitable: from n/a through 1.8.1.7. | |||||
| CVE-2024-37929 | 2024-11-01 | N/A | 6.3 MEDIUM | ||
| Missing Authorization vulnerability in solwin User Activity Log Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Activity Log Pro: from n/a through 2.3.4. | |||||
| CVE-2024-37468 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in blazethemes Newsmatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newsmatic: from n/a through 1.3.1. | |||||
| CVE-2024-37095 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3. | |||||
| CVE-2024-43122 | 2024-11-01 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Creative Motion Robin image optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Robin image optimizer: from n/a through 1.6.9. | |||||
| CVE-2024-37411 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Team Emilia Projects Progress Planner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Progress Planner: from n/a through 0.9.1. | |||||
| CVE-2024-37269 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in StylemixThemes Masterstudy Elementor Widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2. | |||||
| CVE-2024-43290 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Atarim allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Atarim: from n/a through 4.0.1. | |||||
| CVE-2024-37456 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Noptin Newsletter Noptin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Noptin: from n/a through 3.4.2. | |||||
| CVE-2024-37218 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WordPress Page Builder Sandwich Team Page Builder Sandwich – Front-End Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page Builder Sandwich – Front-End Page Builder: from n/a through 5.1.0. | |||||
| CVE-2024-37123 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in VowelWeb Ibtana allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ibtana: from n/a through 1.2.3.3. | |||||
| CVE-2024-37232 | 2024-11-01 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in Hercules Design Hercules Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hercules Core: from n/a through 6.5. | |||||
| CVE-2024-38727 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Seraphinite Solutions Seraphinite Post .DOCX Source allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Seraphinite Post .DOCX Source: from n/a through 2.16.9. | |||||
| CVE-2024-43143 | 2024-11-01 | N/A | 6.4 MEDIUM | ||
| Missing Authorization vulnerability in Roundup WP Registrations for the Events Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Registrations for the Events Calendar: from n/a through 2.12.1. | |||||
| CVE-2024-37201 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in javmah Woocommerce Customers Order History allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woocommerce Customers Order History: from n/a through 5.2.2. | |||||
| CVE-2024-37475 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2. | |||||
| CVE-2024-39664 | 2024-11-01 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in YMC Filter & Grids allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Filter & Grids: from n/a through 2.8.33. | |||||
| CVE-2024-43285 | 2024-11-01 | N/A | 6.3 MEDIUM | ||
| Missing Authorization vulnerability in Presto Made, Inc Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Presto Player: from n/a through 3.0.2. | |||||
| CVE-2024-9361 | 1 Giuliopanda | 1 Bulk Images Optimizer | 2024-11-01 | N/A | 4.3 MEDIUM |
| The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_configuration' function in all versions up to, and including, 2.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin options. | |||||