CVE-2024-37415 WordPress E2Pdf plugin <= 1.20.27 - Broken Access Control vulnerability

Missing Authorization vulnerability in E2Pdf e2pdf e2pdf.This issue affects e2pdf: from n/a through = 1.20.27...

CVE-2024-37425

CVE-2024-37425 corresponds to a Missing Authorization vulnerability in Automattic Newspack Blocks (WordPress plugin) up to version 3.0.8. Connected sources describe an Authenticated (Contributor+) scenario involving broken/incorrect access control security levels and note that the vulnerability i...

CVE-2024-37425 WordPress Newspack Blocks plugin <= 3.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Newspack Blocks newspack-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Blocks: from n/a through 3.0.8...

CVE-2024-37427

The CVE-2024-37427 case concerns the WordPress Timetics plugin. Affected versions are Timetics 1.0.0 through 1.0.21, with a Missing Authorization / Broken Access Control vulnerability arising from incorrectly configured access control. The issue permits unauthenticated access to certain functions...

CVE-2024-37439 WordPress Uncanny Toolkit Pro for LearnDash plugin < 4.1.4.1 - Subscriber+ Arbitrary Post/Page Duplication vulnerability

Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit Pro for LearnDash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Toolkit Pro for LearnDash: from n/a through 4.1.4.0...

CVE-2024-37427 WordPress Timetics plugin <= 1.0.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through 1.0.21...

CVE-2024-37440

CVE-2024-37440 corresponds to a Missing Authorization vulnerability in the WordPress plugin Church Admin (versions n/a through 4.4.4). The issue allows exploitation of incorrectly configured access control and is categorized with a base CVSS of 3.1/4.3 (Medium) per Patch Stack metadata, with impa...

CVE-2024-37443

CVE-2024-37443 corresponds to a Missing Authorization vulnerability in the WP Job Manager - Resume Manager plugin (affected: WP Job Manager - Resume Manager,

CVE-2024-37443 WordPress WP Job Manager plugin <= 2.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic WP Job Manager - Resume Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager - Resume Manager: from n/a through 2.1.0...

CVE-2024-37443 WordPress WP Job Manager plugin <= 2.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic WP Job Manager - Resume Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager - Resume Manager: from n/a through 2.1.0...

CVE-2024-37468

CVE-2024-37468 is a Missing Authorization vulnerability in the Blazethemes Newsmatic WordPress theme (affected 1.3.1 and earlier). According to Red Hat and PT Security sources, the issue arises from incorrectly configured access control, enabling unauthorized access to restricted actions. CVSS v3...

CVE-2024-37468 WordPress Newsmatic theme <= 1.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in blazethemes Newsmatic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newsmatic: from n/a through 1.3.1...

CVE-2024-37477

CVE-2024-37477: WordPress plugin Newspack Content Converter (versions up to and including 0.1.5) contains a Missing Authorization (broken access control) vulnerability due to incorrectly configured access controls. The issue allows exploitation without sufficient privileges and is documented acro...

CVE-2024-37477 WordPress Newspack Content Converter plugin <= 0.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Newspack Content Converter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Content Converter: from n/a through 0.1.5...

CVE-2024-37482

CVE-2024-37482 corresponds to a Missing Authorization (broken access control) vulnerability in The Post Grid (WordPress plugin by RadiusTheme). The Post Grid allows exploitation of misconfigured access control levels, affecting The Post Grid versions from n/a up to 7.7.4. Public disclosures and t...

CVE-2024-37505

CVE-2024-37505 concerns the WordPress theme Business One Page (Rara Themes) with versions up to 1.2.9. The vulnerability is described as a Missing Authorization/Incorrect Access Control flaw that enables exploitation related to the notice dismissal flow (Missing Authorization to Notice Dismissal)...

CVE-2024-37483

CVE-2024-37483 describes a Missing Authorization vulnerability in the WordPress plugin The Post Grid by RadiusTheme. The issue affects The Post Grid versions up to and including 7.7.4 and involves exploitable access control misconfigurations that permit bypassing authorization checks due to Incor...

CVE-2024-37505 WordPress Business One Page theme <= 1.2.9 - Broken Access Control on Notice Dismissal vulnerability

Missing Authorization vulnerability in Rara Themes Business One Page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business One Page: from n/a through 1.2.9...

CVE-2024-37516

CVE-2024-37516 concerns a Missing Authorization vulnerability in the WordPress plugin “Featured Image from URL” (FIFU). The issue affects FIFU versions up to 4.8.2 (and earlier as noted in multiple sources). The root cause is incorrectly configured access control, enabling an attacker to exploit ...

CVE-2024-37516 WordPress Featured Image from URL (FIFU) plugin <= 4.8.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in fifu.App Featured Image from URL allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image from URL: from n/a through 4.8.2...