Latest CVE Feed
-
5.4
MEDIUMCVE-2024-38774
Missing Authorization vulnerability in SiteGround SiteGround Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through 1.5.0.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
6.5
MEDIUMCVE-2024-37477
Missing Authorization vulnerability in Automattic Newspack Content Converter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Content Converter: from n/a through 0.1.5.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-38794
Missing Authorization vulnerability in MediaRon LLC Custom Query Blocks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Custom Query Blocks: from n/a through 5.2.0.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-38702
Missing Authorization vulnerability in Tyche Softwares Product Delivery Date for WooCommerce – Lite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Product Delivery Date for WooCommerce – Lite: from n/a through 2.7.2.... Read more
Affected Products : product_delivery_date_for_woocommerce- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-38743
Access Control vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows . This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-38745
Missing Authorization vulnerability in Rymera Web Co Wholesale Suite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Wholesale Suite: from n/a through 2.1.12.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
6.5
MEDIUMCVE-2024-37481
Missing Authorization vulnerability in Post Grid Team by RadiusTheme The Post Grid allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects The Post Grid: from n/a through 7.7.4.... Read more
Affected Products : the_post_grid- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-37218
Missing Authorization vulnerability in WordPress Page Builder Sandwich Team Page Builder Sandwich – Front-End Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page Builder Sandwich – Front-End Page Bu... Read more
Affected Products : page_builder_sandwich- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-37201
Missing Authorization vulnerability in javmah Woocommerce Customers Order History allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woocommerce Customers Order History: from n/a through 5.2.2.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
6.5
MEDIUMCVE-2024-38771
Missing Authorization vulnerability in Atarim allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Atarim: from n/a through 4.0.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-37095
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-43290
Missing Authorization vulnerability in Atarim allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Atarim: from n/a through 4.0.1.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-37226
Missing Authorization vulnerability in Kanban for WordPress Kanban Boards for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
7.5
HIGHCVE-2024-38726
Missing Authorization vulnerability in PickPlugins Product Designer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Product Designer: from n/a through 1.0.33.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.4
MEDIUMCVE-2024-38740
Missing Authorization vulnerability in Packlink Shipping S.L. Packlink PRO shipping module allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Packlink PRO shipping module: from n/a through 3.4.6.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-43134
Missing Authorization vulnerability in xootix Waitlist Woocommerce ( Back in stock notifier ) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Waitlist Woocommerce ( Back in stock notifier ): from n/a through 2.6.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
4.3
MEDIUMCVE-2024-37203
Missing Authorization vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Laybuy Payment Extension for WooCommerce: from n/a through 5.3.9.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.3
MEDIUMCVE-2024-37427
Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through 1.0.21.... Read more
Affected Products :- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
5.4
MEDIUMCVE-2024-38737
Missing Authorization vulnerability in Reservation Diary ReDi Restaurant Reservation allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReDi Restaurant Reservation: from n/a through 24.0422.... Read more
- Published: Nov. 01, 2024
- Modified: Nov. 01, 2024
-
7.1
HIGHCVE-2024-49654
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Marian Heddesheimer Extra Privacy for Elementor allows Reflected XSS.This issue affects Extra Privacy for Elementor: from n/a through 0.1.3.... Read more
Affected Products : extra_privacy_for_elementor- Published: Oct. 29, 2024
- Modified: Nov. 01, 2024