5 matches found
CVE-2024-43234 WordPress Woffice theme <= 5.4.14 - Unauthenticated Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in WofficeIO Woffice woffice allows Authentication Bypass.This issue affects Woffice: from n/a through = 5.4.14...
CVE-2024-43222
Missing Authorization vulnerability in SeventhQueen Sweet Date sweetdate allows Privilege Escalation.This issue affects Sweet Date: from n/a through = 3.7.3...
CVE-2024-54215 WordPress Revy plugin <= 1.18 - Unauthenticated SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in roninwp Revy revy.This issue affects Revy: from n/a through = 1.18...
CVE-2024-43222 WordPress Sweet Date theme <= 3.7.3 - Privilege Escalation vulnerability
Missing Authorization vulnerability in SeventhQueen Sweet Date sweetdate allows Privilege Escalation.This issue affects Sweet Date: from n/a through = 3.7.3...
CVE-2024-43222
CVE-2024-43222 is a Missing Authorization vulnerability in the Sweet Date (SeventhQueen) WordPress theme. Affected versions are Sweet Date up to and including 3.7.3, and the issue enables unauthenticated privilege escalation. Public details confirm the flaw exists in the theme and that a patch/mi...