Total
4649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-10527 | 2025-01-07 | N/A | 3.1 LOW | ||
| The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motech_spacer_callback() function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view limited setting information. | |||||
| CVE-2024-12559 | 2025-01-07 | N/A | 5.3 MEDIUM | ||
| The ClickDesigns plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'clickdesigns_add_api' and the 'clickdesigns_remove_api' functions in all versions up to, and including, 1.8.0. This makes it possible for unauthenticated attackers to modify or remove the plugin's API key. | |||||
| CVE-2025-22385 | 2025-01-06 | N/A | 5.9 MEDIUM | ||
| An issue was discovered in Optimizely Configured Commerce before 5.2.2408. For newly created accounts, the Commerce B2B application does not require email confirmation. This medium-severity issue allows the mass creation of accounts. This could affect database storage; also, non-requested storefront accounts can be created on behalf of visitors. | |||||
| CVE-2024-56349 | 1 Jetbrains | 1 Teamcity | 2025-01-02 | N/A | 5.3 MEDIUM |
| In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs | |||||
| CVE-2023-48683 | 2025-01-02 | N/A | 7.1 HIGH | ||
| Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169. | |||||
| CVE-2023-45247 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2025-01-02 | N/A | 7.1 HIGH |
| Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36497, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169. | |||||
| CVE-2023-45246 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2025-01-02 | N/A | 7.1 HIGH |
| Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169. | |||||
| CVE-2022-47601 | 2025-01-02 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in JoomUnited WP Table Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Table Manager: from n/a through 3.5.2. | |||||
| CVE-2022-45811 | 2025-01-02 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in WeyHan Ng Post Teaser.This issue affects Post Teaser: from n/a through 4.1.5. | |||||
| CVE-2023-48758 | 2025-01-02 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through 3.2.4. | |||||
| CVE-2023-48739 | 2025-01-02 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Porto Theme Porto Theme - Functionality allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Porto Theme - Functionality: from n/a before 2.12.1. | |||||
| CVE-2023-47778 | 2025-01-02 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LuckyWP Scripts Control: from n/a through 1.2.1. | |||||
| CVE-2023-45633 | 2025-01-02 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in IDX IMPress Listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IMPress Listings: from n/a through 2.6.2. | |||||
| CVE-2023-40327 | 2025-01-02 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Putler / Storeapps Putler Connector for WooCommerce.This issue affects Putler Connector for WooCommerce: from n/a through 2.12.0. | |||||
| CVE-2023-39994 | 2025-01-02 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2. | |||||
| CVE-2023-32240 | 2025-01-02 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart: from n/a through 7.2.1. | |||||
| CVE-2022-45830 | 2025-01-02 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Analytify.This issue affects Analytify: from n/a through 4.2.3. | |||||
| CVE-2022-43476 | 2025-01-02 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscribe to Category: from n/a through 2.7.4. | |||||
| CVE-2022-41995 | 2025-01-02 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Galleryape Gallery Images Ape allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gallery Images Ape: from n/a through 2.2.8. | |||||
| CVE-2024-56255 | 2025-01-02 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in AyeCode AyeCode Connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AyeCode Connect: from n/a through 1.3.8. | |||||