Total
6931 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-56009 | 2024-12-16 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Spreadr Woocommerce: from n/a through 1.0.4.
|
|||||
| CVE-2024-56007 | 2024-12-16 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in Ram Segev Leader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leader: from n/a through 2.6.1.
|
|||||
| CVE-2024-56004 | 2024-12-16 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in Alex W Fowler Easy Site Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Site Importer: from n/a through 1.0.1.
|
|||||
| CVE-2024-56001 | 2024-12-16 | N/A | 6.5 MEDIUM | ||
|
Missing Authorization vulnerability in Ksher Ksher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ksher: from n/a through 1.1.1.
|
|||||
| CVE-2024-55998 | 2024-12-16 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in dusthazard Popup Surveys & Polls for WordPress (Mare.io) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Surveys & Polls for WordPress (Mare.io): from n/a through 1.36.
|
|||||
| CVE-2024-55996 | 2024-12-16 | N/A | 6.1 MEDIUM | ||
|
Missing Authorization vulnerability in Dreamfox Dreamfox Media Payment gateway per Product for Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dreamfox Media Payment gateway per Product for Woocommerce: from n/a through 3.5.6.
|
|||||
| CVE-2024-55994 | 2024-12-16 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in 搜狐畅言 畅言评论系统 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 畅言评论系统: from n/a through 2.0.5.
|
|||||
| CVE-2024-55993 | 2024-12-16 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in PickPlugins Job Board Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Job Board Manager: from n/a through 2.1.60.
|
|||||
| CVE-2024-55992 | 2024-12-16 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in Open Tools WooCommerce Basic Ordernumbers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Basic Ordernumbers: from n/a through 1.4.4.
|
|||||
| CVE-2024-54417 | 2024-12-16 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in Pixelgrade PixProof allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PixProof: from n/a through 2.0.1.
|
|||||
| CVE-2024-54402 | 2024-12-16 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in Jozoor Arabic Webfonts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Arabic Webfonts: from n/a through 1.4.6.
|
|||||
| CVE-2024-54384 | 2024-12-16 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in eLightUp Falcon – WordPress Optimizations & Tweaks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Falcon – WordPress Optimizations & Tweaks: from n/a through 2.8.3.
|
|||||
| CVE-2024-54379 | 2024-12-16 | N/A | 8.8 HIGH | ||
|
Missing Authorization vulnerability in Blokhaus Minterpress allows Privilege Escalation.This issue affects Minterpress: from n/a through 1.0.5.
|
|||||
| CVE-2024-54378 | 2024-12-16 | N/A | 8.8 HIGH | ||
|
Missing Authorization vulnerability in Quietly Quietly Insights allows Privilege Escalation.This issue affects Quietly Insights: from n/a through 1.2.2.
|
|||||
| CVE-2024-54369 | 2024-12-16 | N/A | 9.1 CRITICAL | ||
|
Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a through 1.0.2.
|
|||||
| CVE-2024-54359 | 2024-12-16 | N/A | 8.2 HIGH | ||
|
Missing Authorization vulnerability in Saul Morales Pacheco Banner System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Banner System: from n/a through 1.0.0.
|
|||||
| CVE-2024-54354 | 2024-12-16 | N/A | 6.5 MEDIUM | ||
|
Missing Authorization vulnerability in Beat Kueffer Termin-Kalender allows Stored XSS.This issue affects Termin-Kalender: from n/a through 0.99.47.
|
|||||
| CVE-2024-28230 | 1 Jetbrains | 1 Youtrack | 2024-12-16 | N/A | 6.5 MEDIUM |
|
In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions
|
|||||
| CVE-2023-40105 | 1 Google | 1 Android | 2024-12-13 | N/A | 5.5 MEDIUM |
|
In backupAgentCreated of ActivityManagerService.java, there is a possible way to leak sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40113 | 1 Google | 1 Android | 2024-12-13 | N/A | 5.5 MEDIUM |
|
In multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-5318 | 1 Gitlab | 1 Gitlab | 2024-12-13 | N/A | 4.0 MEDIUM |
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts.
|
|||||
| CVE-2024-54326 | 2024-12-13 | N/A | 6.5 MEDIUM | ||
|
Missing Authorization vulnerability in Eyal Fitoussi GEO my WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GEO my WordPress: from n/a through 4.5.0.4.
|
|||||
| CVE-2024-54323 | 2024-12-13 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in WPExpertsio New User Approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through 2.6.2.
|
|||||
| CVE-2024-54311 | 2024-12-13 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in i.lychkov Mark New Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark New Posts: from n/a through 7.5.1.
|
|||||
| CVE-2024-54310 | 2024-12-13 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in Aslam Khan Gouran Gou Manage My Account Menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Gou Manage My Account Menu: from n/a through 1.0.1.8.
|
|||||
| CVE-2024-54298 | 2024-12-13 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in Bill Minozzi Car Dealer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Dealer: from n/a through 4.46.
|
|||||
| CVE-2024-54289 | 2024-12-13 | N/A | 6.5 MEDIUM | ||
|
Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through 6.3.0.
|
|||||
| CVE-2024-54278 | 2024-12-13 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in Plugin Devs News Ticker for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects News Ticker for Elementor: from n/a through 2.1.3.
|
|||||
| CVE-2024-54271 | 2024-12-13 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in WPTaskForce WPCargo Track & Trace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through 7.0.6.
|
|||||
| CVE-2024-54267 | 2024-12-13 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in CreativeMindsSolutions CM Answers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Answers: from n/a through 3.2.6.
|
|||||
| CVE-2024-54256 | 2024-12-13 | N/A | 7.1 HIGH | ||
|
Missing Authorization vulnerability in Seerox Easy Blocks pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Easy Blocks pro: from n/a through 1.0.21.
|
|||||
| CVE-2024-54242 | 2024-12-13 | N/A | 6.5 MEDIUM | ||
|
Missing Authorization vulnerability in Appsbd Simple Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Notification: from n/a through 1.3.
|
|||||
| CVE-2024-54241 | 2024-12-13 | N/A | 6.5 MEDIUM | ||
|
Missing Authorization vulnerability in Appsbd Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification: from 1.5 through n/a.
|
|||||
| CVE-2024-54239 | 2024-12-13 | N/A | 9.8 CRITICAL | ||
|
Missing Authorization vulnerability in dugudlabs Eyewear prescription form allows Privilege Escalation.This issue affects Eyewear prescription form: from n/a through 4.0.18.
|
|||||
| CVE-2023-44149 | 2024-12-13 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in BeRocket Brands for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brands for WooCommerce: from n/a through 3.8.2.2.
|
|||||
| CVE-2023-44147 | 2024-12-13 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in Apasionados Comment Blacklist Updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comment Blacklist Updater: from n/a through 1.1.0.
|
|||||
| CVE-2023-44142 | 2024-12-13 | N/A | 5.4 MEDIUM | ||
|
Missing Authorization vulnerability in Inactive Logout Inactive Logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: from n/a through 3.2.2.
|
|||||
| CVE-2023-41952 | 2024-12-13 | N/A | 5.3 MEDIUM | ||
|
Missing Authorization vulnerability in Contact Form - WPManageNinja LLC FluentForm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through 5.0.8.
|
|||||
| CVE-2023-41951 | 2024-12-13 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through 4.6.14.
|
|||||
| CVE-2023-41873 | 2024-12-13 | N/A | 4.3 MEDIUM | ||
|
Missing Authorization vulnerability in miniOrange SAML SP Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SAML SP Single Sign On: from n/a through 5.0.4.
|
|||||