CVE-2024-25595

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through 4.4.1...

CVE-2024-21746

Authentication Bypass by Spoofing vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Identity Spoofing.This issue affects Wp Ultimate Review: from n/a through = 2.3.6...

CVE-2024-32685 WordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerability

Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.2.5...

CVE-2024-32685 WordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerability

Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.2.5...

CVE-2024-32685

CVE-2024-32685 targets the WP Ultimate Review WordPress plugin (

CVE-2024-21746 WordPress Wp Ultimate Review plugin <= 2.3.6 - IP limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Identity Spoofing.This issue affects Wp Ultimate Review: from n/a through = 2.3.6...

CVE-2024-25906

CVE-2024-25906 affects the WordPress plugin Comments Like Dislike (WP Happy Coders) up to version 1.2.2 . The issue is an authentication bypass via spoofing, specifically an IP restriction bypass that can allow functionality bypass/escalation of access as described in Patchstack and Red Hat/NVD r...

CVE-2024-30479 WordPress LionScripts: IP Blocker Lite plugin <= 11.1.1 - Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through 11.1.1...

CVE-2024-30480

CVE-2024-30480 describes anAuthentication Bypass by Spoofing vulnerability in the WordPress plugin CGC Maintenance Mode. Public sources (NVD/Red Hat/VulnEnrichment) confirm the issue affects CGC Maintenance Mode versions

CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through 8.2.0...

CVE-2024-31295 WordPress Captcha by BestWebSoft plugin <= 5.2.0 - Captcha Bypass vulnerability

Guessable CAPTCHA vulnerability in BestWebSoft Captcha by BestWebSoft allows Functionality Bypass.This issue affects Captcha by BestWebSoft: from n/a through 5.2.0...

CVE-2024-31341

CVE-2024-31341 affects Cozmoslabs Profile Builder for WordPress (

CVE-2024-32131

CVE-2024-32131 describes an information disclosure in WordPress Download Manager (plugin). The vulnerability, titled Exposure of Sensitive Information to an Unauthorized Actor, allows a password-protected file lock bypass in versions up to 3.2.82 (includes 3.2.82). The CVSS v3.1 score is 7.5 (HIG...

CVE-2024-32131 WordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. Download Manager allows Functionality Bypass.This issue affects Download Manager: from n/a through 3.2.82...

CVE-2024-33917

CVE-2024-33917 is an Authentication Bypass by Spoofing vulnerability in the WordPress plugin WTI Like Post by Webtechideas, affecting versions up to 1.4.6 . Public detail across sources identifies the issue as an IP spoofing-based authentication bypass that could allow bypassing normal access con...

PT-2024-23984 · Cozmoslabs · Cozmoslabs Profile Builder

Name of the Vulnerable Software and Affected Versions: Cozmoslabs Profile Builder versions prior to 3.11.2 Description: The issue is related to Insufficient Verification of Data Authenticity, allowing Functionality Bypass in Cozmoslabs Profile Builder. Recommendations: For versions prior to 3.11....

CVE-2023-1705

Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows bgAutoinstaller service modules allows Privilege Escalation, Functionality Bypass.This issue affects F|One SmartEdge Agent: before 1.7.0.230330-554...

CVE-2023-1705

Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows bgAutoinstaller service modules allows Privilege Escalation, Functionality Bypass.This issue affects F|One SmartEdge Agent: before 1.7.0.230330-554...

CVE-2023-1705

Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows bgAutoinstaller service modules allows Privilege Escalation, Functionality Bypass.This issue affects F|One SmartEdge Agent: before 1.7.0.230330-554...

PT-2024-11942 · Forcepoint · Forcepoint F|One Smartedge Agent

Name of the Vulnerable Software and Affected Versions: Forcepoint F|One SmartEdge Agent versions prior to 1.7.0.230330-554 Description: The issue is related to a Missing Authorization vulnerability in the bgAutoinstaller service modules of Forcepoint F|One SmartEdge Agent on Windows, allowing...