Lucene search
K

5251 matches found

OSV
OSV
added 2024/05/02 5:15 p.m.3 views

CVE-2024-3601

The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayspollcreateauthor function in all versions up to, and including, 5.1.8. This makes it possible for unauthenticated attackers to extract email...

5.3CVSS5.8AI score0.00584EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.24 views

CVE-2024-3601

The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayspollcreateauthor function in all versions up to, and including, 5.1.8. This makes it possible for unauthenticated attackers to extract email...

5.3CVSS5.1AI score0.00584EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.14 views

CVE-2024-3599

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the gdprpolicyprocessdelete function in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to delete...

5.3CVSS5.2AI score0.0053EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.11 views

CVE-2024-3581

The MaxGalleria plugin for WordPress is vulnerable to unauthorized image upload due to a missing capability check on the addmedialibraryimagestogallery function in all versions up to, and including, 6.4.2. This makes it possible for authenticated attackers, with subscriber access or above, to...

4.3CVSS4.5AI score0.00609EPSS
Exploits0References3
NVD
NVD
added 2024/05/02 5:15 p.m.21 views

CVE-2024-3585

The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of form submissions due to a missing capability check on the hooks function in all versions up to, and including, 1.0.2.3. This makes it possible for unauthenticated attackers to download information about...

5.3CVSS5AI score0.00691EPSS
Exploits0References3
OSV
OSV
added 2024/05/02 5:15 p.m.2 views

CVE-2024-3599

The WP Cookie Consent for GDPR, CCPA & ePrivacy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the gdprpolicyprocessdelete function in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to delete...

5.3CVSS5.9AI score0.0053EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.11 views

CVE-2024-3520

The Country State City Dropdown CF7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tccscapatchsettings function in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with subscriber access...

4.3CVSS4.3AI score0.00445EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.26 views

CVE-2024-3546

The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpmgdppopulatepopup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber access or above...

4.3CVSS4.4AI score0.00491EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.13 views

CVE-2024-3287

The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for unauthenticate...

5.3CVSS5.3AI score0.00565EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.18 views

CVE-2024-3233

The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxcreateindex function in all versions up to, and including, 5.5.5. This makes it possible for authenticated attackers, with subscriber-lev...

4.3CVSS4.3AI score0.00445EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.25 views

CVE-2024-2797

The MailerLite – Signup forms official plugin for WordPress is vulnerable to unauthorized plugin setting changes due to a missing capability check on the toggleRolesAndPermissions and editAllowedRolesAndPermissions functions in all versions up to, and including, 1.7.6. This makes it possible for...

5.3CVSS5.5AI score0.00504EPSS
Exploits0References3
NVD
NVD
added 2024/05/02 5:15 p.m.20 views

CVE-2024-2417

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the formsaveaction function in all versions up to, and including, 3.1.5. This makes it possible for...

8.8CVSS8.7AI score0.00938EPSS
Exploits0References3
OSV
OSV
added 2024/05/02 5:15 p.m.30 views

CVE-2024-2417

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the formsaveaction function in all versions up to, and including, 3.1.5. This makes it possible for...

8.8CVSS6.8AI score
Exploits0References3
OSV
OSV
added 2024/05/02 5:15 p.m.3 views

CVE-2024-2043

The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when downloading form submissions in all versions up to, and including, 2.9.9.7. This makes it possible for unauthenticated...

5.3CVSS5.8AI score0.00532EPSS
Exploits0References3
NVD
NVD
added 2024/05/02 5:15 p.m.118 views

CVE-2024-2043

The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when downloading form submissions in all versions up to, and including, 2.9.9.7. This makes it possible for unauthenticated...

5.3CVSS5.1AI score0.00532EPSS
Exploits0References3
OSV
OSV
added 2024/05/02 5:15 p.m.3 views

CVE-2024-1809

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it...

5.4CVSS5.8AI score0.00293EPSS
Exploits0References2
OSV
OSV
added 2024/05/02 5:15 p.m.5 views

CVE-2024-1677

The Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to an improper capability check on 42 separate AJAX functions in all versions up to, and...

8.8CVSS5.8AI score0.00514EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.16 views

CVE-2024-1677

The Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to an improper capability check on 42 separate AJAX functions in all versions up to, and...

8.8CVSS6.4AI score0.00514EPSS
Exploits0References3
OSV
OSV
added 2024/05/02 5:15 p.m.1 views

CVE-2024-1584

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpacheckauthentication' function in all versions up to, and including, 5.2.1. This makes it possible f...

5.3CVSS5.8AI score0.00435EPSS
Exploits0References2
NVD
NVD
added 2024/05/02 5:15 p.m.10 views

CVE-2024-0908

The Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the apbPosts function hooked via an AJAX action in all versions up to, and including, 1.13.4. This makes it possible...

5.3CVSS5.2AI score0.00516EPSS
Exploits0References3
Rows per page
Query Builder