25 matches found
CVE-2024-51660
Missing Authorization vulnerability in Binsaifullah Easy Accordion Gutenberg Block easy-accordion-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Accordion Gutenberg Block: from n/a through = 1.2.3...
CVE-2024-47362
Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials.This issue affects Strong Testimonials: from n/a through = 3.1.16...
CVE-2024-47314
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through = 3.2.8...
CVE-2024-47311
Missing Authorization vulnerability in Kraft Plugins Wheel of Life wheel-of-life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through = 1.1.8...
CVE-2024-43937
Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.10...
CVE-2024-43932
Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through = 5.6.2...
CVE-2024-43273
Missing Authorization vulnerability in icegram Icegram Collect plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram Collect plugin: from n/a through 1.3.14...
CVE-2024-43229
Missing Authorization vulnerability in Cornel Raiu WP Search Analytics search-analytics.This issue affects WP Search Analytics: from n/a through = 1.4.9...
CVE-2024-37929
Missing Authorization vulnerability in solwin User Activity Log Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Activity Log Pro: from n/a through 2.3.4...
CVE-2024-37921
Missing Authorization vulnerability in Kiboko Labs Chained Quiz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chained Quiz: from n/a through 1.3.2.8...
CVE-2024-37269
Missing Authorization vulnerability in StylemixThemes Masterstudy Elementor Widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2...
CVE-2024-37254
Missing Authorization vulnerability in mndpsingh287 File Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Manager: from n/a through 7.2.7...
CVE-2024-37119
Missing Authorization vulnerability in Uncanny Owl Uncanny Automator Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator Pro: from n/a through 5.3.0.0...
CVE-2024-37249
CVE-2024-37249 concerns the WordPress plugin Advanced Custom Fields PRO (vulnerable through 6.3.1; fixed in 6.3.2). The issue is described as a Missing Authorization vulnerability enabling exploitation of misconfigured access controls (Broken Access Control). In the referenced data, the affected ...
CVE-2024-37106
CVE-2024-37106 pertains to the WishList Member X WordPress plugin. Affected versions are WishList Member X up to 3.26.6. The issue is a Missing/Unauthenticated Authorization flaw that enables Stored Cross-Site Scripting when an attacker exploits misconfigured access control for sensitive areas. T...
CVE-2024-37214
CVE-2024-37214 affects WordPress plugin AliExpress Dropshipping with AliNext Lite (Ali2Woo Lite) ≤ 3.3.5. Reported as Missing Authorization with Stored XSS due to incorrectly configured access control. PTSecurity recommends updating to a version later than 3.3.5; Wordfence and PatchStack notes co...
CVE-2024-37269 WordPress Masterstudy Elementor Widgets plugin <= 1.2.2 - Unauthenticated Broken Access Control vulnerability
Missing Authorization vulnerability in StylemixThemes Masterstudy Elementor Widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2...
CVE-2024-37477 WordPress Newspack Content Converter plugin <= 0.1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Automattic Newspack Content Converter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Content Converter: from n/a through 0.1.5...
CVE-2024-37482
CVE-2024-37482 corresponds to a Missing Authorization (broken access control) vulnerability in The Post Grid (WordPress plugin by RadiusTheme). The Post Grid allows exploitation of misconfigured access control levels, affecting The Post Grid versions from n/a up to 7.7.4. Public disclosures and t...
CVE-2024-43119 WordPress Aruba HiSpeed Cache plugin <= 2.0.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Aruba.It Aruba HiSpeed Cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aruba HiSpeed Cache: from n/a through 2.0.12...