Latest CVE Feed
-
5.3
MEDIUMCVE-2024-43290
Missing Authorization vulnerability in Atarim allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Atarim: from n/a through 4.0.1.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.4
MEDIUMCVE-2024-43268
Access Control vulnerability in WPBackItUp Backup and Restore WordPress allows . This issue affects Backup and Restore WordPress: from n/a through 1.50.... Read more
Affected Products : backup_and_restore_wordpress- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.4
MEDIUMCVE-2024-38733
Missing Authorization vulnerability in Meks Meks Video Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meks Video Importer: from n/a through 1.0.12.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-37203
Missing Authorization vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Laybuy Payment Extension for WooCommerce: from n/a through 5.3.9.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-37427
Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through 1.0.21.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-43134
Missing Authorization vulnerability in xootix Waitlist Woocommerce ( Back in stock notifier ) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Waitlist Woocommerce ( Back in stock notifier ): from n/a through 2.6.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-37468
Missing Authorization vulnerability in blazethemes Newsmatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newsmatic: from n/a through 1.3.1.... Read more
Affected Products : newsmatic- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
6.5
MEDIUMCVE-2024-37477
Missing Authorization vulnerability in Automattic Newspack Content Converter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Content Converter: from n/a through 0.1.5.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.4
MEDIUMCVE-2024-43260
Missing Authorization vulnerability in Creative Motion Clearfy Cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clearfy Cache: from n/a through 2.2.4.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-37096
Missing Authorization vulnerability in Popup Box Team Popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup box: from n/a through 4.5.1.... Read more
Affected Products : popup_box- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
7.7
HIGHCVE-2024-37108
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WishList Products WishList Member X allows Path Traversal.This issue affects WishList Member X: from n/a through 3.26.6.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-37201
Missing Authorization vulnerability in javmah Woocommerce Customers Order History allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woocommerce Customers Order History: from n/a through 5.2.2.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
6.5
MEDIUMCVE-2024-37214
Missing Authorization vulnerability in Dropshipping Guru Ali2Woo Lite Exploiting Incorrectly Configured Access Control Security Levels, Stored XSS.This issue affects Ali2Woo Lite: from n/a through 3.3.5.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
8.8
HIGHCVE-2024-37232
Missing Authorization vulnerability in Hercules Design Hercules Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hercules Core: from n/a through 6.5.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.4
MEDIUMCVE-2024-37250
Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-37276
Missing Authorization vulnerability in fifu.App Featured Image from URL allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image from URL: from n/a through 4.8.1.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-37411
Missing Authorization vulnerability in Team Emilia Projects Progress Planner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Progress Planner: from n/a through 0.9.1.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
8.5
HIGHCVE-2024-37423
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic Newspack Blocks allows Path Traversal.This issue affects Newspack Blocks: from n/a through 3.0.8.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-37440
Missing Authorization vulnerability in Andy Moyle Church Admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Church Admin: from n/a through 4.4.4.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-37456
Missing Authorization vulnerability in Noptin Newsletter Noptin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Noptin: from n/a through 3.4.2.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024