WordPress Integrate Google Drive Plugin <= 1.3.9 is vulnerable to Broken Access Control

Software Integrate Google Drive Type Plugin Vulnerable versions = 1.3.9 Fixed in 1.3.91 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32813 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 3bec4c127fe1 Credits Steven Julian Require...

WordPress Hummingbird Plugin <= 3.7.3 is vulnerable to Broken Access Control

Software Hummingbird Type Plugin Vulnerable versions = 3.7.3 Fixed in 3.7.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32792 Patch priority Low CVSS severity Low 4.3 Developer WPMU DEV PSID 9b701eb20e44 Credits Peng Zhou Required privilege...

WordPress WP LinkedIn Auto Publish Plugin <= 8.11 is vulnerable to Broken Access Control

Software WP LinkedIn Auto Publish Type Plugin Vulnerable versions = 8.11 Fixed in 8.12 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32797 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 03094155e86a Credits Abdi Pranata Required...

WordPress Vision Interactive Plugin <= 1.7.1 is vulnerable to Broken Access Control

Software Vision Interactive Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32779 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ed5556ff45af Credits Steven Julian Required...

WordPress Appointment Hour Booking Plugin <= 1.4.56 is vulnerable to Other Vulnerability Type

Software Appointment Hour Booking Type Plugin Vulnerable versions = 1.4.56 Fixed in 1.4.57 OWASP Top 10 A4: Insecure Design Classification Other Vulnerability Type CVE CVE-2024-32720 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 228e58c3426d Credits Mochamad Sofyan...

WordPress Headline Analyzer Plugin <= 1.3.3 is vulnerable to Broken Access Control

Software Headline Analyzer Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32806 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 151865fc08d6 Credits Majed Refaea Required...

WordPress ARForms Plugin <= 6.4 is vulnerable to Settings Change

Software ARForms Type Plugin Vulnerable versions = 6.4 Fixed in 6.4.1 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-32704 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bcff8bbe359f Credits Dave Jong Patchstack Required privilege...

WordPress CookieHub Plugin <= 1.1.0 is vulnerable to Broken Access Control

Software CookieHub Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32784 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bf6c0519f789 Credits Abdi Pranata Required privilege...

WordPress Coupon & Discount Code Reveal Button Plugin <=1.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Coupon & Discount Code Reveal Button Type Plugin Vulnerable versions =1.2.5 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32722 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID abdf37204c70 Credits emad Required...

WordPress Advanced Testimonial Carousel for Elementor Plugin <= 3.0.0 is vulnerable to Broken Access Control

Software Advanced Testimonial Carousel for Elementor Type Plugin Vulnerable versions = 3.0.0 Fixed in 3.0.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32783 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 35c8e0e158f5 Credits...

WordPress Data Tables Generator by Supsystic Plugin <= 1.10.31 is vulnerable to Broken Access Control

Software Data Tables Generator by Supsystic Type Plugin Vulnerable versions = 1.10.31 Fixed in 1.10.32 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32829 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c3d8bb1fd9d8 Credits Steven...

WordPress Premium Addons for Elementor Plugin <= 4.10.25 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.25 Fixed in 4.10.26 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32791 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID 5e608ef68f6a Credits Ray Wilson Required privileg...

WordPress AI Post Generator | AutoWriter Plugin <= 3.3 is vulnerable to Broken Access Control

Software AI Post Generator | AutoWriter Type Plugin Vulnerable versions = 3.3 Fixed in 3.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32713 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 1f7f2444d49e Credits LVT-tholv2k Requir...

WordPress Royal Elementor Addons Plugin <= 1.3.94 is vulnerable to Arbitrary File Upload

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.94 Fixed in 1.3.95 OWASP Top 10 A5: Broken Access Control Classification Arbitrary File Upload CVE CVE-2024-1567 Patch priority High CVSS severity High 8.2 Developer WProyal PSID 7b79f8ce62d8 Credits wesley wcraft Required...

WordPress Frontend Dashboard Plugin <= 2.2.2 is vulnerable to Sensitive Data Exposure

Software Frontend Dashboard Type Plugin Vulnerable versions = 2.2.2 Fixed in 2.2.4 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-32726 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID f88db22e1e34 Credits Emili Castells...

WordPress Email Customizer for WooCommerce Plugin <= 2.6.0 is vulnerable to Sensitive Data Exposure

Software Email Customizer for WooCommerce Type Plugin Vulnerable versions = 2.6.0 Fixed in 2.6.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-32781 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID bb85c76645da Credits Emili...

WordPress ProfileGrid Plugin <= 5.7.9 is vulnerable to Insecure Direct Object References (IDOR)

Software ProfileGrid Type Plugin Vulnerable versions = 5.7.9 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32772 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0b59bd9029de Credits Kyle Sanchez...

WordPress BizPrint Plugin <= 4.3.39 is vulnerable to Broken Access Control

Software BizPrint Type Plugin Vulnerable versions = 4.3.39 Fixed in 4.5.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32777 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID c14f75079ee7 Credits Joshua Chan Required privilege...

WordPress Frontend Admin by DynamiApps Plugin <= 3.19.4 is vulnerable to Privilege Escalation

Software Frontend Admin by DynamiApps Type Plugin Vulnerable versions = 3.19.4 Fixed in 3.19.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-3729 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4ebfbce29f56...

WordPress FV Flowplayer Video Player Plugin <= 7.5.43.7212 is vulnerable to Server Side Request Forgery (SSRF)

Software FV Flowplayer Video Player Type Plugin Vulnerable versions = 7.5.43.7212 Fixed in 7.5.45.7212 OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2024-32955 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID...