CVE-2024-37207

Missing Authorization vulnerability in Theme4Press Demo Awesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Demo Awesome: from n/a through 1.0.2...

CVE-2024-37119

Missing Authorization vulnerability in Uncanny Owl Uncanny Automator Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator Pro: from n/a through 5.3.0.0...

CVE-2024-37123

Missing Authorization vulnerability in VowelWeb Ibtana allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ibtana: from n/a through 1.2.3.3...

CVE-2024-37096

Missing Authorization vulnerability in Popup Box Team Popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup box: from n/a through 4.5.1...

CVE-2024-48045

CVE-2024-48045 describes a Missing Authorization/Broken Access Control vulnerability in WordPress plugin Happy Addons for Elementor (Leevio) up to version 3.12.3. The issue arises from incorrectly configured access control, enabling unauthorized access. Patchstack cites a fixed version in 3.12.4 ...

CVE-2024-48045 WordPress Happy Elementor Addons plugin <= 3.12.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through = 3.12.3...

CVE-2024-48044 WordPress ShortPixel Image Optimizer plugin <= 5.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in ShortPixel – Convert WebP/AVIF & Optimize Images ShortPixel Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through 5.6.3...

CVE-2024-47314

CVE-2024-47314 (WordPress Sunshine Photo Cart) concerns a Broken Access Control vulnerability (Missing Authorization) in Sunshine Photo Cart

CVE-2024-47311

CVE-2024-47311 relates to a Broken Access Control/missing authorization vulnerability in WordPress plugin Wheel of Life. Affected versions are

CVE-2024-47314 WordPress Sunshine Photo Cart plugin <= 3.2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through = 3.2.8...

CVE-2024-47311 WordPress Wheel of Life plugin <= 1.1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Kraft Plugins Wheel of Life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through 1.1.8...

CVE-2024-44038

CVE-2024-44038 : WordPress Sunshine Photo Cart plugin

CVE-2024-47302 WordPress Fluent Support plugin <= 1.8.0 - Broken Access Control on Email Verification vulnerability

Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through = 1.8.0...

CVE-2024-37249

CVE-2024-37249 concerns the WordPress plugin Advanced Custom Fields PRO (vulnerable through 6.3.1; fixed in 6.3.2). The issue is described as a Missing Authorization vulnerability enabling exploitation of misconfigured access controls (Broken Access Control). In the referenced data, the affected ...

CVE-2024-37095 WordPress Envira Photo Gallery plugin <= 1.8.7.3 - CSRF leading to notice dismissal vulnerability

Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3...

CVE-2024-37095

CVE-2024-37095 concerns the WordPress plugin Envira Gallery Lite/Envira Photo Gallery. Public data show a Missing Authorization vulnerability affecting Envira Gallery versions up to 1.8.7.3, described as a CSRF-related issue that can lead to a notice-dismissal scenario due to incorrectly configur...

CVE-2024-37096

CVE-2024-37096 — WordPress Popup Box plugin contains a missing/incorrectly configured authorization mechanism up to version 4.5.1. The vulnerability is described as Missing Authorization, with a CVSS base score of 4.3 (Medium) and attack vector over the network, requiring low privileges and no us...

CVE-2024-37106

CVE-2024-37106 pertains to the WishList Member X WordPress plugin. Affected versions are WishList Member X up to 3.26.6. The issue is a Missing/Unauthenticated Authorization flaw that enables Stored Cross-Site Scripting when an attacker exploits misconfigured access control for sensitive areas. T...

CVE-2024-37106 WordPress WishList Member X plugin < 3.26.7 - Unautenticated Plugin Settings Change Leading to Stored XSS vulnerability

Missing Authorization vulnerability in WishList Products WishList Member X allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WishList Member X: from n/a through 3.26.6...

CVE-2024-37106 WordPress WishList Member X plugin < 3.26.7 - Unautenticated Plugin Settings Change Leading to Stored XSS vulnerability

Missing Authorization vulnerability in WishList Products WishList Member X allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WishList Member X: from n/a through 3.26.6...