CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3385 matches found

CVE•added 2024/12/09 11:30 a.m.•86 views

CVE-2023-47832

CVE-2023-47832 affects the WordPress SearchIQ plugin (versions

5.3CVSS7.3AI score0.00401EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•83 views

CVE-2023-47836

CVE-2023-47836 affects the WP Meta and Date Remover plugin for WordPress, specifically versions

5.4CVSS7.3AI score0.00364EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•150 views

CVE-2023-47838

CVE-2023-47838 affects the WordPress plugin Conditional Fields for Contact Form 7 (cf7-conditional-fields). Root cause: Missing Authorization / Broken Access Control due to incorrectly configured access control levels, allowing exploitation by low-privilege users. Affected versions:

4.3CVSS7.3AI score0.00322EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•85 views

CVE-2023-47841

CVE-2023-47841 affects the WordPress plugin Analytify (

4.3CVSS8.5AI score0.00355EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•90 views

CVE-2023-47847

The CVE CVE-2023-47847 refers to a Missing Authorization vulnerability in the PayTR Taksit Tablosu WordPress plugin (WooCommerce integration). The vulnerability arises from incorrectly configured access control levels, i.e., a Broken Access Control issue that allows exploiting insufficient author...

5.3CVSS8.5AI score0.00401EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•87 views

CVE-2023-48286

CVE-2023-48286 concerns the WordPress Stripe Payments plugin (Accept Stripe Payments) ≤ 2.0.79, with a Missing Authorization/ Broken Access Control vulnerability due to incorrectly configured access controls. Public-facing unauthenticated users could potentially exploit the issue due to unauthent...

8.2CVSS7.3AI score0.00494EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•57 views

CVE-2023-48774

CVE-2023-48774 affects the WordPress IdeaPush plugin (versions

5.4CVSS8.5AI score0.00453EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•75 views

CVE-2023-48779

CVE-2023-48779 pertains to WordPress 360 Javascript Viewer (plugin) with Broken Access Control via Missing Authorization. Affected versions are

6.5CVSS7.3AI score0.00551EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•87 views

CVE-2023-49154

CVE-2023-49154 concerns WordPress Button Generator – easily Button Builder (plugin)

5.3CVSS8.5AI score0.00602EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•77 views

CVE-2023-49167

CVE-2023-49167 affects the WordPress Database for CF7 plugin (

6.5CVSS7.3AI score0.00595EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•46 views

CVE-2023-49192

CVE-2023-49192 concerns the WordPress plugin Enhanced Text Widget (Clever Widgets)

5.3CVSS7.3AI score0.00448EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•63 views

CVE-2023-49193

CVE-2023-49193 is a verifiable vulnerability in the WordPress plugin Social Pug (Hubbub Lite) : versions up to and including 1.30.0 allow a Missing Authorization / Broken Access Control condition. Unauthenticated users could exploit incorrectly configured access controls. The issue is publicly do...

5.3CVSS7.3AI score0.00448EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•92 views

CVE-2023-49194

CVE-2023-49194 is a WordPress plugin vulnerability in the Importify – Dropshipping WooCommerce plugin (

5.3CVSS7.4AI score0.00521EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•59 views

CVE-2023-49756

CVE-2023-49756 refers to WordPress Eventin plugin

8.8CVSS7.3AI score0.00563EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•85 views

CVE-2023-49757

CVE-2023-49757 concerns WordPress Awesome Support plugin in versions up to 6.1.10, with a Missing Authorization vulnerability due to incorrectly configured access control. Public disclosures and patch data indicate the issue is being addressed, with a fix released in version 6.1.11. Recommended r...

5.4CVSS7.3AI score0.00453EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•68 views

CVE-2023-49758

CVE-2023-49758 concerns the WordPress plugin WP Booking System. The issue is a Missing Authorization flaw in wpbs_save_calendar_data that allowed authenticated users (subscriber level and above) to save calendar data on affected versions. Vulnerable range:

4.3CVSS7.3AI score0.00397EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•72 views

CVE-2023-49817

CVE-2023-49817 affects the WordPress plugin Flexible Woocommerce Checkout Field Editor (

8.2CVSS8.6AI score0.00552EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•50 views

CVE-2023-49861

CVE-2023-49861 describes a Missing Authorization vulnerability in the WordPress plugin Social Media Feather (versions ≤ 2.1.3). The issue is attributed to broken access control / improperly configured access security levels , enabling unauthorized access to privileged functions. The CVE entry lis...

4.3CVSS7.3AI score0.00397EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•55 views

CVE-2023-49835

CVE-2023-49835 affects the WordPress plugin Post Duplicator (versions up to 2.31). The issue is described as a Missing Authorization / Broken Access Control vulnerability allowing unauthorized access due to incorrectly configured access control. The vulnerability and its CVE are corroborated by P...

4.3CVSS8.5AI score0.00401EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•74 views

CVE-2023-49848

CVE-2023-49848 is a missing/ broken authorization vulnerability in the WordPress Sharkdropship Dropshipping plugin for AliExpress, eBay, Amazon, Etsy (SharkDropship & Affiliate for AliExpress, etc.). Affected versions are up to 2.1.1; exploitation arises from an incorrectly configured access cont...

6.5CVSS7.3AI score0.00496EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by