Total
4907 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-1318 | 1 Themeisle | 1 Rss Aggregator By Feedzy | 2024-12-31 | N/A | 6.5 MEDIUM |
| The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'feedzy_wizard_step_process' and 'import_status' functions in all versions up to, and including, 4.4.2. This makes it possible for authenticated attackers, with Contributor access and above, who are normally restricted to only being able to create posts rather than pages, to draft and publish posts with arbitrary content. | |||||
| CVE-2024-56070 | 2024-12-31 | N/A | 7.4 HIGH | ||
| Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through 2.3.3. | |||||
| CVE-2024-56066 | 2024-12-31 | N/A | 9.8 CRITICAL | ||
| Missing Authorization vulnerability in Inspry Agency Toolkit allows Privilege Escalation.This issue affects Agency Toolkit: from n/a through 1.0.23. | |||||
| CVE-2024-56061 | 2024-12-31 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in Webful Creations Computer Repair Shop allows Privilege Escalation.This issue affects Computer Repair Shop: from n/a through 3.8119. | |||||
| CVE-2024-56002 | 2024-12-31 | N/A | 6.4 MEDIUM | ||
| Missing Authorization vulnerability in Porthas Inc. Contact Form, Survey & Form Builder – MightyForms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form, Survey & Form Builder – MightyForms: from n/a through 1.3.9. | |||||
| CVE-2024-55995 | 2024-12-31 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Torod Holding LTD Torod allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Torod: from n/a through 1.7. | |||||
| CVE-2024-51667 | 2024-12-31 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in David de Boer Paytium.This issue affects Paytium: from n/a through 4.4.10. | |||||
| CVE-2024-49698 | 2024-12-31 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in PriceListo Best Restaurant Menu by PriceListo.This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.4.2. | |||||
| CVE-2024-49694 | 2024-12-31 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in imw3 My Wp Brand – Hide menu & Hide Plugin.This issue affects My Wp Brand – Hide menu & Hide Plugin: from n/a through 1.1.2. | |||||
| CVE-2024-49687 | 2024-12-31 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in StoreApps Smart Manager.This issue affects Smart Manager: from n/a through 8.45.0. | |||||
| CVE-2024-49686 | 2024-12-31 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Fatcat Apps Landing Page Cat.This issue affects Landing Page Cat: from n/a through 1.7.4. | |||||
| CVE-2024-56067 | 2024-12-31 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through 2.3.3. | |||||
| CVE-2024-56031 | 2024-12-31 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Yulio Aleman Jimenez Smart Shopify Product allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Shopify Product: from n/a through 1.0.2. | |||||
| CVE-2024-55991 | 2024-12-31 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in WP-CRM WP-CRM System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through 3.2.9.1. | |||||
| CVE-2023-50850 | 2024-12-31 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Woo WooCommerce Subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Subscriptions: from n/a before 5.8.0. | |||||
| CVE-2023-48775 | 2024-12-31 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cleanfix: from n/a through 5.6.2. | |||||
| CVE-2024-56234 | 2024-12-31 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in VW THEMES VW Automobile Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Automobile Lite: from n/a through 2.1. | |||||
| CVE-2024-56225 | 2024-12-31 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Leap13 Premium Addons for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Premium Addons for Elementor: from n/a through 4.10.56. | |||||
| CVE-2024-56219 | 2024-12-31 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in MarketingFire Widget Options allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widget Options: from n/a through 4.0.6.1. | |||||
| CVE-2024-56215 | 2024-12-31 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Stephen Sherrard Member Directory and Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Member Directory and Contact Form: from n/a through 1.7.0. | |||||