Lucene search

K

Business Directory Plugin | GeoDirectory Security Vulnerabilities

cve
cve

CVE-2023-44234

Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-06-12 10:15 AM
48
nvd
nvd

CVE-2023-44234

Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through...

4.3CVSS

0.0004EPSS

2024-06-12 10:15 AM
3
nvd
nvd

CVE-2023-41240

Missing Authorization vulnerability in Vark Pricing Deals for WooCommerce.This issue affects Pricing Deals for WooCommerce: from n/a through...

5.3CVSS

0.0004EPSS

2024-06-12 10:15 AM
2
cve
cve

CVE-2023-41240

Missing Authorization vulnerability in Vark Pricing Deals for WooCommerce.This issue affects Pricing Deals for WooCommerce: from n/a through...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-06-12 10:15 AM
15
cve
cve

CVE-2023-40209

Missing Authorization vulnerability in Himalaya Saxena Highcompress Image Compressor.This issue affects Highcompress Image Compressor: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-12 10:15 AM
14
nvd
nvd

CVE-2023-40672

Missing Authorization vulnerability in Hardik Chavada Sticky Social Media Icons.This issue affects Sticky Social Media Icons: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-12 10:15 AM
2
nvd
nvd

CVE-2023-40209

Missing Authorization vulnerability in Himalaya Saxena Highcompress Image Compressor.This issue affects Highcompress Image Compressor: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-12 10:15 AM
2
cve
cve

CVE-2023-40672

Missing Authorization vulnerability in Hardik Chavada Sticky Social Media Icons.This issue affects Sticky Social Media Icons: from n/a through...

5.4CVSS

5.6AI Score

0.0004EPSS

2024-06-12 10:15 AM
14
nvd
nvd

CVE-2023-40603

Missing Authorization vulnerability in Gangesh Matta Simple Org Chart.This issue affects Simple Org Chart: from n/a through...

5.3CVSS

0.0004EPSS

2024-06-12 10:15 AM
2
cve
cve

CVE-2023-40603

Missing Authorization vulnerability in Gangesh Matta Simple Org Chart.This issue affects Simple Org Chart: from n/a through...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-06-12 10:15 AM
25
nvd
nvd

CVE-2023-38395

Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-12 10:15 AM
3
cve
cve

CVE-2023-38395

Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through...

5.4CVSS

5.6AI Score

0.0004EPSS

2024-06-12 10:15 AM
14
nvd
nvd

CVE-2023-25030

Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through...

4.3CVSS

0.0004EPSS

2024-06-12 10:15 AM
2
cve
cve

CVE-2023-25030

Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-06-12 10:15 AM
13
cvelist
cvelist

CVE-2023-40209 WordPress Highcompress Image Compressor plugin <= 6.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Himalaya Saxena Highcompress Image Compressor.This issue affects Highcompress Image Compressor: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-12 09:53 AM
2
vulnrichment
vulnrichment

CVE-2023-40209 WordPress Highcompress Image Compressor plugin <= 6.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Himalaya Saxena Highcompress Image Compressor.This issue affects Highcompress Image Compressor: from n/a through...

6.5CVSS

7.2AI Score

0.0004EPSS

2024-06-12 09:53 AM
cvelist
cvelist

CVE-2023-40603 WordPress Simple Org Chart plugin <= 2.3.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gangesh Matta Simple Org Chart.This issue affects Simple Org Chart: from n/a through...

5.3CVSS

0.0004EPSS

2024-06-12 09:51 AM
2
osv
osv

Malicious code in addthis-wordpress-plugin (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (6d8ae72ce3501b8463193222bf9bebe2913ee52bf39fb10c8c9aa2f2049ebaa5) The OpenSSF Package Analysis project identified 'addthis-wordpress-plugin' @ 2.0.0 (npm) as malicious. It is considered malicious because: The...

7.3AI Score

2024-06-12 09:51 AM
2
vulnrichment
vulnrichment

CVE-2023-41240 WordPress Pricing Deals for WooCommercePricing Deals for WooCommerce plugin <= 2.0.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Vark Pricing Deals for WooCommerce.This issue affects Pricing Deals for WooCommerce: from n/a through...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-06-12 09:49 AM
cvelist
cvelist

CVE-2023-41240 WordPress Pricing Deals for WooCommercePricing Deals for WooCommerce plugin <= 2.0.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Vark Pricing Deals for WooCommerce.This issue affects Pricing Deals for WooCommerce: from n/a through...

5.3CVSS

0.0004EPSS

2024-06-12 09:49 AM
2
vulnrichment
vulnrichment

CVE-2023-44234 WordPress WP GPX Maps plugin <= 1.7.08 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through...

4.3CVSS

7.2AI Score

0.0004EPSS

2024-06-12 09:47 AM
cvelist
cvelist

CVE-2023-44234 WordPress WP GPX Maps plugin <= 1.7.08 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through...

4.3CVSS

0.0004EPSS

2024-06-12 09:47 AM
4
vulnrichment
vulnrichment

CVE-2023-25030 WordPress Buy Me a Coffee plugin <= 3.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through...

4.3CVSS

7.2AI Score

0.0004EPSS

2024-06-12 09:39 AM
cvelist
cvelist

CVE-2023-25030 WordPress Buy Me a Coffee plugin <= 3.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through...

4.3CVSS

0.0004EPSS

2024-06-12 09:39 AM
3
cvelist
cvelist

CVE-2023-38395 WordPress WP Clone Menu plugin <= 1.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-12 09:38 AM
6
cvelist
cvelist

CVE-2023-40672 WordPress Sticky Social Media Icons plugin <= 2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Hardik Chavada Sticky Social Media Icons.This issue affects Sticky Social Media Icons: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-12 09:36 AM
3
cvelist
cvelist

CVE-2024-2092 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Twitter Widget in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS

0.001EPSS

2024-06-12 09:33 AM
2
cvelist
cvelist

CVE-2024-4845 Icegram Express <= 5.7.22 - Authenticated (Subscriber+) SQL Injection Vulnerability via options[list_id]

The Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘options[list_id]’ parameter in all versions up to, and including, 5.7.22 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

8.8CVSS

0.001EPSS

2024-06-12 09:33 AM
3
cvelist
cvelist

CVE-2023-47845 WordPress Grab & Save plugin <= 1.0.4 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & Save.This issue affects Grab & Save: from n/a through...

4.3CVSS

0.0004EPSS

2024-06-12 09:25 AM
2
vulnrichment
vulnrichment

CVE-2023-47845 WordPress Grab & Save plugin <= 1.0.4 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & Save.This issue affects Grab & Save: from n/a through...

4.3CVSS

7.2AI Score

0.0004EPSS

2024-06-12 09:25 AM
vulnrichment
vulnrichment

CVE-2023-48280 WordPress Consensu.io plugin <= 1.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Consensu.IO Consensu.Io.This issue affects Consensu.Io: from n/a through...

7.5CVSS

7.2AI Score

0.0004EPSS

2024-06-12 09:23 AM
cvelist
cvelist

CVE-2023-48280 WordPress Consensu.io plugin <= 1.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Consensu.IO Consensu.Io.This issue affects Consensu.Io: from n/a through...

7.5CVSS

0.0004EPSS

2024-06-12 09:23 AM
2
nvd
nvd

CVE-2024-5468

The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stm_hb_delete() function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to....

6.5CVSS

0.0004EPSS

2024-06-12 09:15 AM
2
cve
cve

CVE-2024-5468

The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stm_hb_delete() function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to....

6.5CVSS

6.4AI Score

0.0004EPSS

2024-06-12 09:15 AM
16
cve
cve

CVE-2024-5266

The Download Manager Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via wpdm_user_dashboard, wpdm_package, wpdm_packages, wpdm_search_result, and wpdm_tag shortcodes in all versions up to, and including, 3.2.92 due to insufficient input sanitization and output escaping on...

6.4CVSS

5.7AI Score

0.001EPSS

2024-06-12 09:15 AM
16
nvd
nvd

CVE-2024-5266

The Download Manager Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via wpdm_user_dashboard, wpdm_package, wpdm_packages, wpdm_search_result, and wpdm_tag shortcodes in all versions up to, and including, 3.2.92 due to insufficient input sanitization and output escaping on...

6.4CVSS

0.001EPSS

2024-06-12 09:15 AM
2
cve
cve

CVE-2024-5154

A flaw was found in cri-o. A malicious container can create a symbolic link pointing to an arbitrary directory or file on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host...

8.1CVSS

8AI Score

0.0004EPSS

2024-06-12 09:15 AM
20
nvd
nvd

CVE-2024-5154

A flaw was found in cri-o. A malicious container can create a symbolic link pointing to an arbitrary directory or file on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host...

8.1CVSS

0.0004EPSS

2024-06-12 09:15 AM
2
nvd
nvd

CVE-2023-52177

Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-12 09:15 AM
1
cve
cve

CVE-2023-52177

Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-12 09:15 AM
22
cve
cve

CVE-2023-52117

Missing Authorization vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid: from n/a through...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-06-12 09:15 AM
33
nvd
nvd

CVE-2023-52117

Missing Authorization vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid: from n/a through...

4.3CVSS

0.0004EPSS

2024-06-12 09:15 AM
5
cve
cve

CVE-2023-51679

Missing Authorization vulnerability in BulkGate BulkGate SMS Plugin for WooCommerce.This issue affects BulkGate SMS Plugin for WooCommerce: from n/a through...

5.4CVSS

5.6AI Score

0.0004EPSS

2024-06-12 09:15 AM
31
nvd
nvd

CVE-2023-51679

Missing Authorization vulnerability in BulkGate BulkGate SMS Plugin for WooCommerce.This issue affects BulkGate SMS Plugin for WooCommerce: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-12 09:15 AM
1
nvd
nvd

CVE-2023-51680

Missing Authorization vulnerability in TechnoVama Quotes for WooCommerce.This issue affects Quotes for WooCommerce: from n/a through...

4.3CVSS

0.0004EPSS

2024-06-12 09:15 AM
2
cve
cve

CVE-2023-51680

Missing Authorization vulnerability in TechnoVama Quotes for WooCommerce.This issue affects Quotes for WooCommerce: from n/a through...

4.3CVSS

4.8AI Score

0.0004EPSS

2024-06-12 09:15 AM
33
nvd
nvd

CVE-2023-51671

Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-12 09:15 AM
1
cve
cve

CVE-2023-51671

Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through...

5.4CVSS

5.6AI Score

0.0004EPSS

2024-06-12 09:15 AM
23
nvd
nvd

CVE-2023-51537

Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through...

5.3CVSS

0.0004EPSS

2024-06-12 09:15 AM
3
cve
cve

CVE-2023-51670

Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-06-12 09:15 AM
22
Total number of security vulnerabilities346396