Lucene search
K

10517 matches found

Cvelist
Cvelist
added 2024/05/02 4:51 p.m.21 views

CVE-2024-1584 Analytify <= 5.2.1 - Missing Authorization to Unauthenticated Google Analytics Tracking ID Modification

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpacheckauthentication' function in all versions up to, and including, 5.2.1. This makes it possible f...

5.3CVSS5.3AI score0.00435EPSS
Exploits0References2
CVE
CVE
added 2024/05/02 4:51 p.m.51 views

CVE-2024-1584

CVE-2024-1584 affects Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy). The issue is a missing capability check in wpa_check_authentication across all versions up to 5.2.1, enabling unauthorized modification of the site’s Google Analytics tracking ID by unauthenticat...

5.3CVSS6.5AI score0.00435EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/02 4:51 p.m.13 views

CVE-2024-3520 Country State City Dropdown CF7 <= 2.7.1 - Missing Authorization

The Country State City Dropdown CF7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tccscapatchsettings function in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with subscriber access...

4.3CVSS5.9AI score0.00445EPSS
Exploits0References2
CVE
CVE
added 2024/05/02 4:51 p.m.67 views

CVE-2024-3520

The Country State City Dropdown CF7 WordPress plugin has a root-cause issue: a missing capability check in tc_csca_patch_settings leading to unauthorized data modification. Affected versions are all up to 2.7.1; authenticated users with subscriber rights and above can add states/cities to the dro...

4.3CVSS6.4AI score0.00445EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.5 views

WordPress plugin Ivory Search 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.2AI score0.00445EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.3 views

WordPress plugin Admin Bar Remover 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS6.2AI score0.00431EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.7 views

WordPress plugin Tutor LMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.4AI score0.00466EPSS
Exploits2References3
BDU FSTEC
BDU FSTEC
added 2024/05/02 12:0 a.m.4 views

The vulnerability of the Hotspot component in Oracle Java SE software, as well as in Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines, allows attackers to modify, add, or delete data.

The vulnerability of the Hotspot component of the Oracle Java SE software platform, as well as of the Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to...

3.7CVSS6.3AI score0.00746EPSS
Exploits0References15Affected Software15
BDU FSTEC
BDU FSTEC
added 2024/05/02 12:0 a.m.9 views

The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application allows a perpetrator to gain unauthorized access to protected information and to modify, add, or delete data.

The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application relates to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information and to modify, ad...

8.5CVSS7.2AI score0.00527EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.4 views

WordPress plugin Post Grid 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.2AI score0.0056EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.4 views

WordPress plugin ShopLentor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS6.3AI score0.0034EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.4 views

WordPress plugin Analytify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.2AI score0.00435EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.4 views

PT-2024-24511 · WordPress · The Ivory Search

Name of the Vulnerable Software and Affected Versions: The Ivory Search – WordPress Search Plugin versions up to, and including, 5.5.5 Description: The issue allows authenticated attackers with subscriber-level access and above to modify data without authorization due to a missing capability chec...

4.3CVSS6.5AI score0.00445EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.6 views

WordPress plugin WP Datepicker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.8CVSS6.2AI score0.00911EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.4 views

PT-2024-28487 · WordPress · Masterstudy Lms Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress versions up to, and including, 3.3.8 Description: The issue allows authenticated attackers with subscriber level permissions and above to access,...

6.3CVSS6.7AI score0.00384EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.6 views

WordPress plugin Print Labels with Barcodes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.3AI score0.00514EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.9 views

WordPress plugin 2Checkout Payment Gateway for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

5.3CVSS6.2AI score0.00397EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/04/30 4:54 p.m.2 views

mysql: Server: DDL unspecified vulnerability (CPU Jan 2024)

Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete DOS of MySQL Server as well a...

5.5CVSS5.8AI score0.00839EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/30 4:54 p.m.5 views

mysql: Server: DDL unspecified vulnerability (CPU Apr 2023)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

5.5CVSS7.3AI score0.01272EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/04/30 4:54 p.m.6 views

mysql: Server: DML unspecified vulnerability (CPU Apr 2024)

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: DML. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability ...

5.5CVSS7AI score0.00838EPSS
Exploits0References5
Rows per page
Query Builder