Export limit exceeded: 335791 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6956 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-32727 | 2024-11-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in Rometheme RomethemeForm For Elementor.This issue affects RomethemeForm For Elementor: from n/a through 1.1.2. | ||||
| CVE-2024-32725 | 2024-11-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in Saleswonder 5 Stars Rating Funnel.This issue affects 5 Stars Rating Funnel: from n/a through 1.2.67. | ||||
| CVE-2024-32719 | 2024-11-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in WP Club Manager.This issue affects WP Club Manager: from n/a through 2.2.11. | ||||
| CVE-2024-32713 | 1 Autowriter | 1 Ai Post Generator \| Autowriter | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in AutoWriter AI Post Generator | AutoWriter.This issue affects AI Post Generator | AutoWriter: from n/a through 3.3. | ||||
| CVE-2024-32705 | 1 Reputeinfosystems | 1 Arforms | 2024-11-21 | 7.1 High |
| Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4. | ||||
| CVE-2024-32704 | 1 Reputeinfosystems | 1 Arforms | 2024-11-21 | 7.1 High |
| Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4. | ||||
| CVE-2024-32703 | 1 Reputeinfosystems | 1 Arforms | 2024-11-21 | 7.7 High |
| Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4. | ||||
| CVE-2024-32701 | 1 Instawp | 1 Instawp Connect | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in InstaWP Team InstaWP Connect.This issue affects InstaWP Connect: from n/a through 0.1.0.24. | ||||
| CVE-2024-32692 | 2024-11-21 | 8.2 High | ||
| Missing Authorization vulnerability in QuanticaLabs Chauffeur Taxi Booking System for WordPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Chauffeur Taxi Booking System for WordPress: from n/a through 6.9. | ||||
| CVE-2024-32689 | 2024-11-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in GenialSouls WP Social Comments.This issue affects WP Social Comments: from n/a through 1.7.3. | ||||
| CVE-2024-32679 | 1 Tammersoft | 1 Shared Files | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in Shared Files PRO Shared Files.This issue affects Shared Files: from n/a through 1.7.16. | ||||
| CVE-2024-32678 | 2024-11-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in TrackShip TrackShip for WooCommerce.This issue affects TrackShip for WooCommerce: from n/a through 1.7.5. | ||||
| CVE-2024-32675 | 1 Xfinity Soft | 1 Order Limit For Woocommerce | 2024-11-21 | 6.5 Medium |
| Missing Authorization vulnerability in Xfinity Soft Order Limit for WooCommerce.This issue affects Order Limit for WooCommerce: from n/a through 2.0.0. | ||||
| CVE-2024-32656 | 1 Ant-media | 1 Ant-media-server | 2024-11-21 | 7.8 High |
| Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 through 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerability arises from Ant Media Server running with Java Management Extensions (JMX) enabled and authentication disabled on localhost on port 5599/TCP. This vulnerability is nearly identical to the local privilege escalation vulnerability CVE-2023-26269 identified in Apache James. Any unprivileged operating system user can connect to the JMX service running on port 5599/TCP on localhost and leverage the MLet Bean within JMX to load a remote MBean from an attacker-controlled server. This allows an attacker to execute arbitrary code within the Java process run by Ant Media Server and execute code within the context of the `antmedia` service account on the system. Version 2.9.0 contains a patch for the issue. As a workaround, one may remove certain parameters from the `antmedia.service` file. | ||||
| CVE-2024-32601 | 1 Wordpress | 1 Popup Anything | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Popup Anything.This issue affects Popup Anything: from n/a through 2.8. | ||||
| CVE-2024-32524 | 2024-11-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in Nuggethon Custom Order Statuses for WooCommerce.This issue affects Custom Order Statuses for WooCommerce: from n/a through 1.5.2. | ||||
| CVE-2024-32522 | 2024-11-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in Jaed Mosharraf & Pluginbazar Team Open Close WooCommerce Store.This issue affects Open Close WooCommerce Store: from n/a through 4.9.1. | ||||
| CVE-2024-32520 | 2024-11-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in WPClever WPC Grouped Product for WooCommerce.This issue affects WPC Grouped Product for WooCommerce: from n/a through 4.4.2. | ||||
| CVE-2024-32519 | 2024-11-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in GutenGeek GG Woo Feed for WooCommerce.This issue affects GG Woo Feed for WooCommerce: from n/a through 1.2.6. | ||||
| CVE-2024-32517 | 2024-11-21 | 4.3 Medium | ||
| Missing Authorization vulnerability in WooCommerce & WordPress Tutorials Custom Thank You Page Customize For WooCommerce by Binary Carpenter.This issue affects Custom Thank You Page Customize For WooCommerce by Binary Carpenter: from n/a through 1.4.12. | ||||