CVE-2023-45658
The CVE concerns the WordPress Nexter theme (
CVE-2023-47770
CVE-2023-47770 concerns Betheme WordPress theme (Muffin Group) with a Missing Authorization vulnerability in versions up to 27.1.1. The issue is described as Broken Access Control / Missing Authorization, enabling privilege escalation for authenticated users (Contributor level and above) to acces...
CVE-2023-47771
CVE-2023-47771 affects WordPress plugin Essential Grid (ThemePunch OHG). It is a Missing Authorization vulnerability (Broken Access Control) enabling authenticated users with subscriber+ privileges to access functions intended for higher-privilege users. Affected versions: up to 3.0.18; CVSS v3.1...
CVE-2023-47783
CVE-2023-47783 is a Missing Authorization (Broken Access Control) vulnerability in Thrive Theme Builder up to version 3.23.x (before 3.24.0). The issue affects Thrive Theme Builder and is caused by a missing capability check in a function, enabling authenticated users with subscriber-level access...
CVE-2023-48759
CVE-2023-48759 is a Missing Authorization vulnerability in Crocoblock JetElements For Elementor (affected: Elementor JetElements <= 2.6.13). The issue allows unauthenticated users to download arbitrary attachments due to a missing authorization check on the download path (arbitrary attachment ...
CVE-2023-51495
CVE-2023-51495 relates to the WooCommerce Warranty Requests WordPress plugin. Affected product: WooCommerce Warranty Requests (plugin slug woocommerce-warranty) up to version 2.2.7. Description in sources: a Missing Authorization vulnerability (Broken Access Control) that could allow unauthentica...
CVE-2023-51496
CVE-2023-51496 affects the WordPress WooCommerce Warranty Requests plugin (versions up to 2.2.7). The issue is a Missing Authorization vulnerability that could allow unauthorized access to warranty requests. CVSS v3.1 base metrics reported by NVD and PatchStack indicate a Medium severity impact (...
CVE-2023-51507
Technical details about CVE-2023-51507 are not provided in the supplied documents. No explicit affected versions beyond 8.1.16 or remediation steps are listed; monitor for updates.
CVE-2023-51516
CVE-2023-51516 is a Missing Authorization vulnerability (Broken Access Control) affecting the WordPress plugin “Business Directory Plugin – Easy Listing Directories for WordPress” up to version 6.3.9. The root cause, per provided documents, is a dispatch-related authorization issue. Connected sou...
CVE-2023-51523
CVE-2023-51523 is a Missing Authorization (Broken Access Control) vulnerability affecting the WordPress plugin WooCommerce Easy Duplicate Product (
CVE-2023-45288 affecting package node-problem-detector for versions less than 0.8.17-3
CVE-2023-45288 affecting package node-problem-detector for versions less than 0.8.17-3. A patched version of the package is available...
CVE-2023-40603
CVE-2023-40603 affects the WordPress plugin Simple Org Chart (versions up to and including 2.3.4). The root cause is Missing Authorization (Broken Access Control) allowing unauthenticated access to tree settings. The vulnerability is currently unpatched in the sources provided (no fixed version i...
CVE-2023-41240
CVE-2023-41240 concerns the WordPress plugin Pricing Deals for WooCommerce. Affected versions are up to 2.0.3.2 and the issue is described as Missing Authorization / Broken Access Control. It allows an unauthenticated user to exploit a lack of authorization (e.g., via the vtprd_ajax_clone_rule ...
CVE-2023-44234
CVE-2023-44234 affects the WordPress plugin WP GPX Maps up to version 1.7.08. Root cause: Missing Authorization (Broken Access Control) allows access to resources without proper permission validation. Documented severity is low (CVSS ~4.3). Public references indicate the vulnerabili...
CVE-2023-47845
CVE-2023-47845 describes a CSRF vulnerability in the WordPress plugin Grab & Save (versions
CVE-2023-47828
CVE-2023-47828 affects the WordPress wpMandrill plugin. Public documents identify a Missing Authorization/Broken Access Control via getAjaxStats in wpMandrill versions up to and including 1.33, allowing authenticated users (subscriber level and above) to access mailing statistics. Affected softwa...
CVE-2023-51526
CVE-2023-51526 is a Missing Authorization vulnerability in the WordPress plugin Simple Staff List (affected: up to version 2.2.4). The connected data confirm the issue arises from missing authorization for specific admin actions, notably via ajax_flush_rewrite_rules and staff_member_export, allow...
CVE-2023-51680
Summary: CVE-2023-51680 affects the WordPress plugin “Quotes for WooCommerce.” The root cause is missing authorization checks leading to Broken Access Control in AJAX actions. The vulnerability exists in versions up to and including 2.0.1 and can allow manipulation of quotes by authenticated user...
CVE-2023-52117
Technical details for CVE-2023-52117 are not provided in the connected documents. According to the initial description, this is a Missing Authorization vulnerability affecting ProfileGrid
CVE-2023-52177
CVE-2023-52177 affects the WordPress plugin Integrate Google Drive by SoftLab with Missing Authorization (Broken Access Control) in versions from n/a to 1.3.3. The available sources confirm affected software and root cause, but provide no public details on exploit vectors, impact beyond what’s st...