1162 matches found
CVE-2023-45649
CVE-2023-45649 affects the WordPress Appointment Hour Booking plugin up to version 1.4.23. The root cause is missing authorization / broken access control, enabling unauthenticated users to exploit misconfigured access levels. The CVSSv3.1 base score is 5.3 (Medium) with impact limited to integri...
CVE-2023-48775
Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cleanfix: from n/a through 5.6.2...
CVE-2024-56234 WordPress VW Automobile Lite theme <= 2.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in VW THEMES VW Automobile Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Automobile Lite: from n/a through 2.1...
CVE-2023-38480
Missing Authorization vulnerability in Certain Dev Booster Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster Elementor Addons: from n/a through 1.4.9...
CVE-2023-38483
Missing Authorization vulnerability in Dylan Blokhuis Instant CSS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Instant CSS: from n/a through 1.1.4...
CVE-2023-36518
Missing Authorization vulnerability in Hugh Lashbrooke Post Hit Counter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Hit Counter: from n/a through 1.3.2...
CVE-2023-33994
Missing Authorization vulnerability in VeronaLabs Slimstat Analytics wp-slimstat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slimstat Analytics: from n/a through = 5.0.5.1...
CVE-2024-54242
CVE-2024-54242 describes a Missing Authorization (Broken Access Control) vulnerability in WordPress Simple Notification plugin versions up to 1.3. The issue arises from incorrectly configured access control, enabling unauthorized actions as described in multiple sources. The CVE affects Simple No...
CVE-2023-36518
CVE-2023-36518 refers to a Broken Access Control issue in WordPress plugin Post Hit Counter (
CVE-2023-32574
CVE-2023-32574 is a missing authorization / broken access control vulnerability in the WordPress plugin Injection Guard (versions
CVE-2022-46838
CVE-2022-46838 affects the WordPress plugin JS Help Desk – Best Help Desk & Support Plugin, versions prior to 2.7.1. The issue is a Missing Authorization vulnerability due to an incorrectly configured access control security level, enabling unauthenticated users to perform settings changes. Impac...
CVE-2022-45840
CVE-2022-45840 affects the WordPress plugin Auto Affiliate Links (versions up to and including 6.2.1.5). The issue is a Missing Authorization/Broken Access Control vulnerability that permits unauthenticated users to exploit access-control misconfigurations within the plugin. Impact details in the...
CVE-2023-49858
Missing Authorization vulnerability in Austin Custom Login custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login: from n/a through = 4.1.0...
CVE-2023-49857
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through = 6.1.7...
CVE-2023-49757
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through = 6.1.10...
CVE-2023-48287
Missing Authorization vulnerability in Matat Technologies TextMe SMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TextMe SMS: from n/a through 1.9.0...
CVE-2023-29237
Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n/a through 1.3.5...
CVE-2023-25469
Missing Authorization vulnerability in Magazine3 Easy Table of Contents allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Table of Contents: from n/a through 2.0.45.2...
CVE-2023-23893
Missing Authorization vulnerability in Igor Benic Simple Giveaways allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Giveaways: from n/a through 2.48.0...
CVE-2023-23823
Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8...