31 matches found
WordPress Restaurant & Cafe Addon for Elementor Plugin <= 1.5.9 is vulnerable to Broken Access Control
Software Restaurant & Cafe Addon for Elementor Type Plugin Vulnerable versions = 1.5.9 Fixed in 1.6.0 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10780 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...
WordPress Social Login Plugin <= 5.9.0 is vulnerable to Privilege Escalation
Software Social Login Type Plugin Vulnerable versions = 5.9.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-10961 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 284fa6881d99 Credits wesley wcraf...
WordPress Theme Builder For Elementor Plugin <= 1.2.2 is vulnerable to Broken Access Control
Software Theme Builder For Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10782 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 266b574a3c97...
WordPress Easy Twitter Feed Plugin <= 1.2.6 is vulnerable to Broken Access Control
Software Easy Twitter Feed Type Plugin Vulnerable versions = 1.2.6 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10666 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7120bb84b17b Credits Francesc...
WordPress UserPlus Plugin <= 2.0 is vulnerable to Privilege Escalation
Software UserPlus Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-52442 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 1a20cf86d1cd Credits João Pedro S...
WordPress Th Shop Mania Theme <= 1.4.9 is vulnerable to Arbitrary Code Execution
Software Th Shop Mania Type Theme Vulnerable versions = 1.4.9 Fixed in 1.5.0 OWASP Top 10 A7: Identification and Authentication Failures Classification Arbitrary Code Execution CVE CVE-2024-10674 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 314680b4b995 Credits Sean...
WordPress Signup Page Plugin <= 1.0 is vulnerable to Privilege Escalation
Software Signup Page Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-50475 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 15ed63623277 Credits Mika Required...
WordPress Token Login Plugin <= 1.0.3 is vulnerable to Broken Authentication
Software Token Login Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50488 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 18531b1d1720 Credits stealthcopte...
WordPress Wux Blog Editor Plugin <= 3.0.0 is vulnerable to Broken Authentication
Software Wux Blog Editor Type Plugin Vulnerable versions = 3.0.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9931 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 140fce8f5a83 Credits István...
WordPress MaanStore API Plugin <= 1.0.1 is vulnerable to Broken Authentication
Software MaanStore API Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50487 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 80e67caa15fa Credits...
WordPress WPS Telegram Chat Plugin <= 4.5.4 is vulnerable to Broken Access Control
Software WPS Telegram Chat Type Plugin Vulnerable versions = 4.5.4 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-9628 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 35d166ea4c51 Credits...
WordPress WooCommerce Order Proposal Plugin <= 2.0.5 is vulnerable to Broken Authentication
Software WooCommerce Order Proposal Type Plugin Vulnerable versions = 2.0.5 Fixed in 2.0.6 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9927 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID d873b6f7fa89 Credit...
WordPress Simple User Registration Plugin <= 6.0 is vulnerable to Broken Authentication
Software Simple User Registration Type Plugin Vulnerable versions = 6.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-49604 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 22ee8177d626 Credits...
WordPress Miniorange OTP Verification with Firebase Plugin <= 3.6.0 is vulnerable to Broken Authentication
Software Miniorange OTP Verification with Firebase Type Plugin Vulnerable versions = 3.6.0 Fixed in 3.6.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9861 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID...
WordPress BuddyPress Better Registration Plugin <= 1.6 is vulnerable to Broken Authentication
Software BuddyPress Better Registration Type Plugin Vulnerable versions = 1.6 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-49247 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4288fed05f70...
WordPress JupiterX Core Plugin <= 4.7.5 is vulnerable to Broken Authentication
Software JupiterX Core Type Plugin Vulnerable versions = 4.7.5 Fixed in 4.7.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-7781 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 4950f50fad7a Credits Geo Void...
WordPress Uncanny Groups for LearnDash Plugin <= 6.1.0.1 is vulnerable to Privilege Escalation
Software Uncanny Groups for LearnDash Type Plugin Vulnerable versions = 6.1.0.1 Fixed in 6.1.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-8349 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 0a9f41b67f...
WordPress WPForms User Registration Plugin <= 2.1.0 is vulnerable to Privilege Escalation
Software WPForms User Registration Type Plugin Vulnerable versions = 2.1.0 Fixed in 2.1.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-52209 Patch priority Low CVSS severity Low 8 Developer Claim ownership PSID 78ca3b70599d Credits...
WordPress XStore Core Plugin <= 5.3.8 is vulnerable to Privilege Escalation
Software XStore Core Type Plugin Vulnerable versions = 5.3.8 Fixed in 5.3.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-33552 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID d1199dede4c1 Credits Rafie...
WordPress MasterStudy LMS Plugin <= 3.3.1 is vulnerable to Privilege Escalation
Software MasterStudy LMS Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-2409 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 8dbe36bee6fd Credits Hiroho...