Export limit exceeded: 10397 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10397 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-43924 | 1 Dfactory | 1 Responsive Lightbox | 2024-11-06 | 5.3 Medium |
| Missing Authorization vulnerability in dFactory Responsive Lightbox allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Lightbox: from n/a through 2.4.7. | ||||
| CVE-2024-43219 | 1 Woocommerce | 1 Persian-woocommerce | 2024-11-05 | 5.3 Medium |
| Missing Authorization vulnerability in ووکامرس فارسی Persian WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Persian WooCommerce: from n/a through 7.1.6. | ||||
| CVE-2024-43277 | 1 Ayecode | 1 Userswp | 2024-11-05 | 5.3 Medium |
| Missing Authorization vulnerability in AyeCode Ltd UsersWP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through 1.2.15. | ||||
| CVE-2024-43270 | 1 Wpbackitup | 1 Wp Backitup | 2024-11-05 | 5.3 Medium |
| Missing Authorization vulnerability in WPBackItUp Backup and Restore WordPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Backup and Restore WordPress: from n/a through 1.50. | ||||
| CVE-2024-43120 | 1 Gmo | 1 Typesquare Webfonts For Conoha | 2024-11-05 | 5.3 Medium |
| Missing Authorization vulnerability in XSERVER Inc. TypeSquare Webfonts allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects TypeSquare Webfonts: from n/a through 2.0.7. | ||||
| CVE-2024-43212 | 1 Magepeople | 1 Wptravelly | 2024-11-05 | 7.5 High |
| Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WpTravelly: from n/a through 1.7.7. | ||||
| CVE-2024-43209 | 1 Bitly | 1 Bitly | 2024-11-05 | 6.5 Medium |
| Missing Authorization vulnerability in Bitly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bitly: from n/a through 2.7.2. | ||||
| CVE-2024-38745 | 1 Rymera | 1 Wholesale Suite | 2024-11-05 | 5.3 Medium |
| Missing Authorization vulnerability in Rymera Web Co Wholesale Suite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Wholesale Suite: from n/a through 2.1.12. | ||||
| CVE-2024-38744 | 1 Upqode | 1 Plum | 2024-11-05 | 8.3 High |
| Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS.This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0. | ||||
| CVE-2024-10598 | 2 Tongda, Tongda2000 | 2 Oa 2017, Office Anywhere | 2024-11-04 | 5.3 Medium |
| A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-37516 | 2024-11-04 | 6.3 Medium | ||
| Missing Authorization vulnerability in fifu.App Featured Image from URL allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image from URL: from n/a through 4.8.2. | ||||
| CVE-2024-37517 | 2024-11-04 | 4.3 Medium | ||
| Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.13.7. | ||||
| CVE-2024-43143 | 2024-11-04 | 6.4 Medium | ||
| Missing Authorization vulnerability in Roundup WP Registrations for the Events Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Registrations for the Events Calendar: from n/a through 2.12.1. | ||||
| CVE-2024-51426 | 1 Ethereum | 1 Ethereum | 2024-11-04 | 8.8 High |
| An issue in the PepeGxng smart contract (which can be run on the Ethereum blockchain) allows remote attackers to have an unspecified impact via the _transfer function. NOTE: this is disputed by third parties because the impact is limited to function calls. | ||||
| CVE-2024-51425 | 1 Ethereum | 1 Ethereum | 2024-11-04 | 8.8 High |
| An issue in the WaterToken smart contract (which can be run on the Ethereum blockchain) allows remote attackers to have an unspecified impact. NOTE: this is disputed by third parties because the impact is limited to function calls. | ||||
| CVE-2024-37468 | 1 Blazethemes | 1 Newsmatic | 2024-11-01 | 5.3 Medium |
| Missing Authorization vulnerability in blazethemes Newsmatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newsmatic: from n/a through 1.3.1. | ||||
| CVE-2024-37477 | 2024-11-01 | 6.5 Medium | ||
| Missing Authorization vulnerability in Automattic Newspack Content Converter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Content Converter: from n/a through 0.1.5. | ||||
| CVE-2024-37506 | 1 Wpcharitable | 1 Charitable | 2024-11-01 | 5.3 Medium |
| Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Charitable: from n/a through 1.8.1.7. | ||||
| CVE-2024-37510 | 1 Wpcharitable | 1 Charitable | 2024-11-01 | 6.5 Medium |
| Missing Authorization vulnerability in Charitable Donations & Fundraising Team Charitable allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Charitable: from n/a through 1.8.1.7. | ||||
| CVE-2024-37475 | 1 Automattic | 1 Newspack Newsletters | 2024-11-01 | 5.3 Medium |
| Missing Authorization vulnerability in Automattic Newspack Newsletters allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Newspack Newsletters: from n/a through 2.13.2. | ||||