CVE-2024-43219

Missing Authorization vulnerability in ووکامرس فارسی Persian WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Persian WooCommerce: from n/a through 7.1.6...

CVE-2024-38744

Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS.This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0...

CVE-2024-37510

CVE-2024-37510 concerns WordPress plugin Charitable (Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress) with versions up to 1.8.1.7. The root cause is a missing authorization check that allows users to access functionality not constrained by ACLs. The vulnerabil...

CVE-2024-43159

CVE-2024-43159 is a Missing Authorization vulnerability in WordPress Masteriyo LMS plugin affecting versions up to 1.11.6. Public details describe that access to functionality is not properly constrained by ACLs, enabling unauthorized access. Available connected sources consistently state the iss...

CVE-2024-43979

CVE-2024-43979 is a Missing Authorization vulnerability in CozyThemes Blockbooster for WordPress. The flaw affects Blockbooster versions

CVE-2024-43998

CVE-2024-43998 : Blogpoet theme has a Missing Authorization (ACL) vulnerability that lets an unauthenticated actor access functions not properly constrained by ACLs in Blogpoet versions n/a–1.0.3. The credible connected documents describe the root cause as missing authorization around plugin/feat...

CVE-2024-47321

CVE-2024-47321 affects WordPress WP Datepicker

CVE-2024-7108

CVE-2024-7108 describes an Incorrect Authorization vulnerability in National Keep Cyber Security Services’ CyberMath. The issue allows accessing functionality that is not properly constrained by ACLs, affecting CyberMath versions prior to CYBM.240816253. The NVD/Red Hat and related sources corrob...

CVE-2024-45453

CVE-2024-45453 concerns the WordPress Maintenance Redirect plugin ≤ 2.0.1. The vulnerability is an Authentication Bypass by Spoofing that enables accessing functionality not properly constrained by ACLs. Affected software: Maintenance Redirect versions n/a through 2.0.1. Impact per sources: unaut...

CVE-2024-43939 WordPress Z Y N I T H plugin <= 7.4.9 - Unauthenticated Arbitrary Option Deletion vulnerability

Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9...

CVE-2024-43247

Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WHMpress: from n/a through 6.2-revision-5...

CVE-2024-43250

CVE-2024-43250 concerns Bit Form Pro (WordPress plugin). Connected sources confirm an Incorrect Authorization vulnerability in Bit Form Pro, affecting versions up to 2.6.4, enabling Missing Authorization to update settings for Subscriber+ accounts. Root cause: ACL-related permission checks not pr...

CVE-2024-38688

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-5618

Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Apinizer Management Console: before 2024.05.1...