Export limit exceeded: 337207 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9613 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22304 | 2025-01-07 | 4.3 Medium | ||
| Missing Authorization vulnerability in osamaesh WP Visitor Statistics (Real Time Traffic) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.3. | ||||
| CVE-2024-10866 | 2025-01-07 | 5.3 Medium | ||
| The Export Import Menus plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dsp_export_import_menus() function in all versions up to, and including, 1.9.1. This makes it possible for unauthenticated attackers to export menu data and settings. | ||||
| CVE-2024-1649 | 1 Frenify | 1 Categorify | 2025-01-07 | 4.3 Medium |
| The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxDeleteCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete categories. | ||||
| CVE-2024-1650 | 1 Frenify | 1 Categorify | 2025-01-07 | 4.3 Medium |
| The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxRenameCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to rename categories. | ||||
| CVE-2024-1652 | 1 Frenify | 1 Categorify | 2025-01-07 | 4.3 Medium |
| The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxClearCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to clear categories. | ||||
| CVE-2025-22298 | 2025-01-07 | 4.3 Medium | ||
| Missing Authorization vulnerability in Hive Support Hive Support – WordPress Help Desk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support – WordPress Help Desk: from n/a through 1.1.6. | ||||
| CVE-2024-56271 | 2025-01-07 | 4.3 Medium | ||
| Missing Authorization vulnerability in SecureSubmit WP SecureSubmit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SecureSubmit: from n/a through 1.5.16. | ||||
| CVE-2024-51651 | 2025-01-07 | 5.3 Medium | ||
| Missing Authorization vulnerability in CubeWP CubeWP Forms – All-in-One Form Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms – All-in-One Form Builder: from n/a through 1.1.5. | ||||
| CVE-2023-34958 | 1 Chamilo | 1 Chamilo Lms | 2025-01-06 | 4.3 Medium |
| Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID. | ||||
| CVE-2023-32749 | 1 Pydio | 1 Cells | 2025-01-06 | 8.8 High |
| Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all cells and non-personal workspaces is granted. | ||||
| CVE-2023-44988 | 2025-01-06 | 4.3 Medium | ||
| Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32. | ||||
| CVE-2023-45045 | 2025-01-06 | 5.4 Medium | ||
| Missing Authorization vulnerability in Kishor Khambu WP Custom Widget area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget area: from n/a through 1.2.5. | ||||
| CVE-2023-45061 | 2025-01-06 | 5.3 Medium | ||
| Missing Authorization vulnerability in AWSM Innovations WP Job Openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a through 3.4.1. | ||||
| CVE-2023-45110 | 2025-01-06 | 4.3 Medium | ||
| Missing Authorization vulnerability in BoldThemes Bold Timeline Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Timeline Lite: from n/a through 1.1.9. | ||||
| CVE-2023-45271 | 2025-01-06 | 4.3 Medium | ||
| Missing Authorization vulnerability in WowStore Team ProductX – Gutenberg WooCommerce Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProductX – Gutenberg WooCommerce Blocks: from n/a through 2.7.8. | ||||
| CVE-2023-45275 | 2025-01-06 | 6.5 Medium | ||
| Missing Authorization vulnerability in Kali Forms Contact Form builder with drag & drop - Kali Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form builder with drag & drop - Kali Forms: from n/a through 2.3.28. | ||||
| CVE-2023-45636 | 2025-01-06 | 5.4 Medium | ||
| Missing Authorization vulnerability in WebToffee WordPress Backup & Migration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Backup & Migration: from n/a through 1.4.1. | ||||
| CVE-2023-45649 | 2025-01-06 | 5.3 Medium | ||
| Missing Authorization vulnerability in CodePeople Appointment Hour Booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointment Hour Booking: from n/a through 1.4.23. | ||||
| CVE-2023-29766 | 1 Appcrossx | 1 Crossx | 2025-01-06 | 7.8 High |
| An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause an escalation of Privileges via the database files. | ||||
| CVE-2023-29761 | 1 Urbanandroid | 1 Sleep | 2025-01-06 | 5.5 Medium |
| An issue found in Sleep v.20230303 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files. | ||||