Lucene search
K

10517 matches found

Vulnrichment
Vulnrichment
added 2024/04/09 6:59 p.m.11 views

CVE-2024-1934 WP Compress – Image Optimizer <= 6.11.08 - Missing Authorization to Unauthenticated CDN Modification

The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpslocalcompress::construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset th...

7.5CVSS7.2AI score0.00718EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/09 6:58 p.m.12 views

CVE-2024-0626 WooCommerce Clover Payment Gateway <= 1.3.1 - Missing Authorization via callback_handler

The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callbackhandler function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to mark orders as paid...

5.3CVSS7.2AI score0.00641EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/09 6:58 p.m.14 views

CVE-2024-1308

The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalinksettingssave' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the...

7.5CVSS7.3AI score0.00748EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/09 6:58 p.m.30 views

CVE-2024-1637 360 Javascript Viewer <= 1.7.12 - Missing Authorization to Plugin Settings Update

The 360 Javascript Viewer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and nonce exposure on several AJAX actions in all versions up to, and including, 1.7.12. This makes it possible for authenticated attackers, with subscriber access o...

4.3CVSS4.6AI score0.00497EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/09 6:58 p.m.15 views

CVE-2024-1637

The 360 Javascript Viewer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and nonce exposure on several AJAX actions in all versions up to, and including, 1.7.12. This makes it possible for authenticated attackers, with subscriber access o...

4.3CVSS6.5AI score0.00497EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/09 6:58 p.m.19 views

CVE-2024-1641 Accordion <= 2.2.96 - Missing Authorization to Authenticated(Contributor+) Post Duplication

The Accordion plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'accordionsduplicatepostasdraft' function in all versions up to, and including, 2.2.96. This makes it possible for authenticated attackers, with...

5.4CVSS5.4AI score0.00481EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/09 6:58 p.m.15 views

CVE-2024-1641 Accordion <= 2.2.96 - Missing Authorization to Authenticated(Contributor+) Post Duplication

The Accordion plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'accordionsduplicatepostasdraft' function in all versions up to, and including, 2.2.96. This makes it possible for authenticated attackers, with...

5.4CVSS7.4AI score0.00481EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/09 12:56 a.m.14 views

CVE-2024-30215 Cross-Site Scripting (XSS) vulnerability in SAP Business Connector

The Resource Settings page allows a high privilege attacker to load exploitable payload to be stored and reflected whenever a User visits the page. In a successful attack, some information could be obtained and/or modified. However, the attacker does not have control over what information is...

4.8CVSS5.2AI score0.00316EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.3 views

WordPress Plugin WooCommerce Cloak Affiliate Links 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

7.5CVSS8.1AI score0.00748EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.3 views

WordPress Plugin Accordion 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

5.4CVSS8AI score0.00481EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.3 views

WordPress Plugin WooCommerce Clover Payment Gateway 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...

5.3CVSS8.3AI score0.00641EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.3 views

WordPress Plugin 360 Javascript Viewer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.4AI score0.00497EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.3 views

WordPress Plugin Relevanssi 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.2CVSS8.2AI score0.0081EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.4 views

WordPress Plugin WP Compress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.5CVSS8.2AI score0.00718EPSS
Exploits0References4
NVD
NVD
added 2024/04/06 4:15 a.m.17 views

CVE-2024-3216

The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wtpklistresetsettings function in all versions up to, and including, 4.4.2. This makes it possible for...

5.3CVSS5.1AI score0.00444EPSS
Exploits0References2
CVE
CVE
added 2024/04/06 3:24 a.m.61 views

CVE-2024-3216

CVE-2024-3216 refers to the WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress. Connected sources confirm a root cause: missing capability check in wt_pklist_reset_settings(), affecting all versions up to 4.4.2. This enables unauthenticated attackers ...

5.3CVSS9.1AI score0.00444EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/04/06 12:0 a.m.2 views

WordPress Plugin Image Watermark 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS8.3AI score0.00344EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/06 12:0 a.m.2 views

WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin WooCommerce PDF Invoices,...

5.3CVSS8.2AI score0.00444EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/04/05 12:0 a.m.32 views

WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels < 4.4.3 - Missing Authorization to Unauthenticated Settings Reset

Description The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wtpklistresetsettings function in all versions up to, and including, 4.4.2. This makes it...

5.3CVSS6.7AI score0.00444EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2024/04/04 12:34 a.m.30 views

CVE-2024-26763

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

5.5CVSS6.8AI score0.00282EPSS
Exploits0References4
Rows per page
Query Builder