Lucene search

K

* Security Vulnerabilities

cve
cve

CVE-2024-30466

Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through...

5.4CVSS

5.6AI Score

0.0004EPSS

2024-06-09 11:15 AM
32
cve
cve

CVE-2024-30467

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through...

6.5CVSS

6.6AI Score

0.0004EPSS

2024-06-09 11:15 AM
22
cve
cve

CVE-2024-30465

Missing Authorization vulnerability in Pagelayer Team PageLayer.This issue affects PageLayer: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-09 11:15 AM
26
cve
cve

CVE-2024-30464

Missing Authorization vulnerability in WPZOOM Social Icons Widget & Block by WPZOOM.This issue affects Social Icons Widget & Block by WPZOOM: from n/a through...

5.4CVSS

5.6AI Score

0.0004EPSS

2024-06-09 11:15 AM
31
cve
cve

CVE-2024-24716

Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-09 11:15 AM
31
cve
cve

CVE-2024-25929

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-09 11:15 AM
29
cve
cve

CVE-2024-25092

Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-06-09 11:15 AM
33
cve
cve

CVE-2023-34003

Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-09 11:15 AM
43
cve
cve

CVE-2023-23640

Missing Authorization vulnerability in MainWP MainWP UpdraftPlus Extension.This issue affects MainWP UpdraftPlus Extension: from n/a through...

5.4CVSS

5.6AI Score

0.0004EPSS

2024-06-09 10:15 AM
25
cve
cve

CVE-2023-31080

Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through...

8.3CVSS

8.3AI Score

0.0004EPSS

2024-06-09 10:15 AM
26
cve
cve

CVE-2023-23639

Missing Authorization vulnerability in MainWP MainWP Staging Extension.This issue affects MainWP Staging Extension: from n/a through...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-09 10:15 AM
24
cve
cve

CVE-2024-31246

Missing Authorization vulnerability in Post Grid Team by WPXPO PostX – Gutenberg Blocks for Post Grid.This issue affects PostX – Gutenberg Blocks for Post Grid: from n/a through...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-09 09:15 AM
31
cve
cve

CVE-2024-31294

Missing Authorization vulnerability in Fahad Mahmood WP Sort Order.This issue affects WP Sort Order: from n/a through...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-06-09 09:15 AM
28
cve
cve

CVE-2024-31098

Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through...

8.1CVSS

8.2AI Score

0.0004EPSS

2024-06-09 09:15 AM
27
cve
cve

CVE-2024-30537

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through...

4.3CVSS

4.8AI Score

0.0004EPSS

2024-06-09 09:15 AM
31
cve
cve

CVE-2024-30538

Missing Authorization vulnerability in DELUCKS GmbH DELUCKS SEO.This issue affects DELUCKS SEO: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-09 09:15 AM
27
cve
cve

CVE-2024-30539

Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-06-09 09:15 AM
28
cve
cve

CVE-2023-52232

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

6.5CVSS

6.6AI Score

0.0004EPSS

2024-06-09 09:15 AM
28
cve
cve

CVE-2023-52230

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

6.5CVSS

6.6AI Score

0.0004EPSS

2024-06-09 09:15 AM
28
cve
cve

CVE-2024-30534

Missing Authorization vulnerability in typps Calendarista Basic Edition.This issue affects Calendarista Basic Edition: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-09 09:15 AM
35
cve
cve

CVE-2023-51494

Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-06-09 09:15 AM
46
cve
cve

CVE-2024-5775

A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updatebill.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-06-09 08:15 AM
22
cve
cve

CVE-2024-5774

A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-06-09 06:15 AM
22
cve
cve

CVE-2024-5773

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /protocol/firewall/deletemacbind.php. The manipulation of the argument messagecontent leads to sql injection. It is possible to launch the.....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-06-09 03:15 AM
21
cve
cve

CVE-2024-5772

A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3. This issue affects some unknown processing of the file /protocol/iscuser/deleteiscuser.php. The manipulation of the argument messagecontent leads to sql injection. The attack may....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-06-09 03:15 AM
3
cve
cve

CVE-2024-5771

A vulnerability classified as critical was found in LabVantage LIMS 2017. This vulnerability affects unknown code of the file /labvantage/rc?command=page&page=SampleList&_iframename=list of the component POST Request Handler. The manipulation of the argument param1 leads to sql injection. The...

6.3CVSS

6.9AI Score

0.0004EPSS

2024-06-08 10:15 PM
21
cve
cve

CVE-2024-4680

A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire after a password change, enabling an attacker to maintain access to a compromised account without the.....

3.9CVSS

4.3AI Score

0.0004EPSS

2024-06-08 08:15 PM
26
cve
cve

CVE-2024-4146

In lunary-ai/lunary version v1.2.13, an improper authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the checkProjectAccess method within the...

9.8CVSS

9.5AI Score

0.0004EPSS

2024-06-08 08:15 PM
23
cve
cve

CVE-2024-22151

Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-06-08 05:15 PM
39
cve
cve

CVE-2024-21748

Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-06-08 05:15 PM
28
cve
cve

CVE-2024-35659

Authorization Bypass Through User-Controlled Key vulnerability in KiviCare.This issue affects KiviCare: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-08 04:15 PM
24
cve
cve

CVE-2024-35676

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpecommerce Recurring PayPal Donations allows Stored XSS.This issue affects Recurring PayPal Donations: from n/a through...

6.5CVSS

6.4AI Score

0.0004EPSS

2024-06-08 04:15 PM
22
cve
cve

CVE-2024-35678

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft.This issue affects Contact Form to DB by BestWebSoft: from n/a through...

8.5CVSS

8.8AI Score

0.0004EPSS

2024-06-08 04:15 PM
24
cve
cve

CVE-2024-35675

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ILLID Advanced Woo Labels allows Cross-Site Scripting (XSS).This issue affects Advanced Woo Labels: from n/a through...

6.5CVSS

6.2AI Score

0.0004EPSS

2024-06-08 04:15 PM
23
cve
cve

CVE-2024-35657

Cross-Site Request Forgery (CSRF) vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-08 04:15 PM
22
cve
cve

CVE-2024-35705

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ciprian Popescu Block for Font Awesome allows Stored XSS.This issue affects Block for Font Awesome: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM
20
cve
cve

CVE-2024-35706

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Cross-Site Scripting (XSS).This issue affects Heateor Social Login: from n/a through...

7.1CVSS

6.6AI Score

0.0004EPSS

2024-06-08 03:15 PM
20
cve
cve

CVE-2024-35704

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockArt BlockArt Blocks allows Stored XSS.This issue affects BlockArt Blocks: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM
21
cve
cve

CVE-2024-35698

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Tab Manager allows Stored XSS.This issue affects YITH WooCommerce Tab Manager: from n/a through...

5.9CVSS

5.8AI Score

0.0004EPSS

2024-06-08 03:15 PM
21
cve
cve

CVE-2024-35703

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension for Elementor: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM
25
cve
cve

CVE-2024-35699

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM
20
cve
cve

CVE-2024-35701

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM
21
cve
cve

CVE-2024-35702

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM
22
cve
cve

CVE-2024-35695

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM
22
cve
cve

CVE-2024-35694

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPMobile.App allows Reflected XSS.This issue affects WPMobile.App: from n/a through...

7.1CVSS

7AI Score

0.0004EPSS

2024-06-08 03:15 PM
21
cve
cve

CVE-2024-35696

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Reflected XSS.This issue affects WP Docs: from n/a through...

7.1CVSS

7AI Score

0.0004EPSS

2024-06-08 03:15 PM
22
cve
cve

CVE-2024-35697

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through...

7.1CVSS

6.9AI Score

0.0004EPSS

2024-06-08 03:15 PM
24
cve
cve

CVE-2024-35693

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Code for Recovery 12 Step Meeting List allows Reflected XSS.This issue affects 12 Step Meeting List: from n/a through...

7.1CVSS

7.1AI Score

0.0004EPSS

2024-06-08 03:15 PM
20
cve
cve

CVE-2024-35688

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM
20
cve
cve

CVE-2024-35691

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC Widget Options - Extended.This issue affects Widget Options - Extended: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-08 03:15 PM
22
Total number of security vulnerabilities236850