6667 matches found
CVE-2023-34001 WordPress Hide My WP Ghost – Security Plugin plugin <= 5.0.25 - Captcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress Security Plugins Hide My WP Ghost allows Functionality Bypass. This issue affects Hide My WP Ghost: from n/a through 5.0.25...
Broken Access Control
typo3/cms-core is vulnerable to Broken Access Control. The vulnerability is due to improper restriction of import functionality, which normally is limited to admin users or those with explicit user TSconfig settings. The vulnerability enables file uploads bypassing file abstraction layer...
PT-2024-12885 · WordPress · Wp-Postratings
Name of the Vulnerable Software and Affected Versions: WP-PostRatings versions 1.91 and earlier. Description: The issue is related to an Improper Control of Interaction Frequency vulnerability, allowing Functionality Misuse in WP-PostRatings. Recommendations: For WP-PostRatings versions 1.91 and...
CVE-2023-28492
Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Functionality Misuse. This issue affects CP Multi View Event Calendar: from n/a through 1.4.10...
CVE-2023-26523
Missing Authorization vulnerability in CodePeople Calculated Fields Form allows Functionality Misuse. This issue affects Calculated Fields Form: from n/a through 1.1.120...
CVE-2023-27460
Missing Authorization vulnerability in CodePeople, paypaldev CP Contact Form with Paypal allows Functionality Misuse. This issue affects CP Contact Form with Paypal: from n/a through 1.3.34...
CVE-2023-26521
Missing Authorization vulnerability in CodePeople Search in Place allows Functionality Misuse. This issue affects Search in Place: from n/a through 1.0.104...
CVE-2023-23730
Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass. This issue affects Spectra: from n/a through 2.3.0...
CVE-2023-28492 WordPress Calendar Event Multi View plugin <= 1.4.10 - Missing Authorization Leading To Feedback Submission vulnerability
Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Functionality Misuse. This issue affects CP Multi View Event Calendar: from n/a through 1.4.10...
CVE-2023-27437 WordPress Event Espresso 4 Decaf plugin <= 4.10.44.decaf - Bypass vulnerability
Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf allows Functionality Misuse. This issue affects Event Espresso 4 Decaf: from n/a through 4.10.44.Decaf...
CVE-2023-26523 WordPress Calculated Fields Form plugin <= 1.1.120 - Missing Authorization Leading To Feedback Submission Vulnerability
Missing Authorization vulnerability in CodePeople Calculated Fields Form allows Functionality Misuse. This issue affects Calculated Fields Form: from n/a through 1.1.120...
LinkedIn: Can see phone numbers of others by providing mail address
The vulnerability allowed an attacker to view a user's phone number by abusing the password reset functionality. The phone number was exposed in the input field after verifying the user's email address...
CVE-2024-36907
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: add a missing rpcstat for TCP TLS Commit 1548036ef120 "nfs: make the rpcstat per net namespace" added functionality to specify rpcstats function but missed adding it to the TCP TLS functionality. As the result, mounting...
PT-2024-11997 · Brainstorm Force · Spectra
Name of the Vulnerable Software and Affected Versions: Brainstorm Force Spectra versions prior to 2.3.0. Description: The issue is related to an Improper Restriction of Excessive Authentication Attempts, allowing Functionality Bypass. Recommendations: For versions prior to 2.3.0, update to version...
Cross-site Scripting (XSS)
Umbraco Commerce is vulnerable to stored Cross-site Scripting (XSS). The vulnerability is due to insufficient input validation in the Print Functionality, allowing attackers to inject malicious code...
CVE-2024-36907
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...