CVE-2023-47778

CVE-2023-47778 concerns LuckyWP Scripts Control for WordPress. The vulnerability is a Missing Authorization/Broken Access Control issue in LuckyWP Scripts Control versions

CVE-2023-47807

CVE-2023-47807 — Missing Authorization in WordPress plugin 10WebAnalytics (

CVE-2023-48739

CVE-2023-48739 affects the Porto Theme - Functionality WordPress plugin (pre-2.12.1). The issue is a Missing/Broken Access Control vulnerability allowing unauthenticated access due to incorrectly configured authorization. The CVSSv3.1 base score is 5.3 (Medium) with Low availability impact per Pa...

CVE-2023-48758

CVE-2023-48758 affects Crocoblock JetEngine WordPress plugin. Versions

CVE-2023-47693

CVE-2023-47693 affects Themefic Ultimate Addons for Contact Form 7 (plugin:Ultimate Addons for Contact Form 7) up to version 3.2.6. The issue is a Broken Access Control allowing unauthenticated access due to misconfigured authorization. CVSS v3.1 base score cited as 7.5 (HIGH). Patch guidance fro...

CVE-2023-47692

CVE-2023-47692 is a WordPress Flo Forms plugin vulnerability (affected versions

CVE-2023-47689

CVE-2023-47689 corresponds to a Missing Authorization (Broken Access Control) issue in the WordPress Animator plugin (versions <= 3.0.10) where unauthenticated users can change plugin settings. The vulnerability is documented with CVSS 3.1/6.5 (Medium) and is explicitly mitigated by a fix in v...

CVE-2023-47648

CVE-2023-47648: WordPress plugin EazyDocs (Spider Themes)

CVE-2023-47661

CVE-2023-47661 affects Dragfy Addons for Elementor (WordPress) and is a Missing Authorization/Broken Access Control issue. Affected versions are Dragfy Addons for Elementor

CVE-2023-47647

CVE-2023-47647 corresponds to a Missing Authorization (Broken Access Control) vulnerability in LearningTimes BadgeOS, affecting BadgeOS up to version 3.7.1.6. The issue originates from misconfigured access control levels, enabling unauthorized actions. Reported CVSS 3.1 base score 4.3 (Medium). C...

CVE-2023-47557

CVE-2023-47557 refers to a Missing Authorization vulnerability in the WordPress plugin Visitors Traffic Real Time Statistics (versions

CVE-2023-47515

CVE-2023-47515 concerns the WordPress plugin “Seers – GDPR & CCPA Cookie Consent & Compliance”. Connected sources confirm a Missing Authorization/Broken Access Control issue affecting Seers versions up to 8.1.1, allowing unauthenticated access to configured security levels. The root cause is insu...

CVE-2023-47241

CVE-2023-47241 relates to a Missing Authorization / Broken Access Control vulnerability in the CoCart – Headless ecommerce plugin (WordPress) up to version 3.11.2. Public sources (Patchstack, RH, NVD) confirm unauthenticated access level with an attacker able to exploit improper access control. T...

CVE-2023-47224

CVE-2023-47224 relates to a Missing Authorization vulnerability in the WordPress plugin WP Travel (WP Travel)

CVE-2023-47188

CVE-2023-47188 affects the WordPress plugin Simple Job Board (versions

CVE-2023-47183

CVE-2023-47183 refers to a Missing Authorization (Broken Access Control) vulnerability in GiveWP for WordPress. The issue affects GiveWP versions

CVE-2023-47187

CVE-2023-47187 affects the WordPress plugin Animated Rotating Words (css3-rotating-words). Root cause: Missing authorization/broken access control allowing exploitation under the plugin’s access levels. Affected versions:

CVE-2023-47179

CVE-2023-47179 concerns the WordPress plugin WooODT Lite (ByConsole) with versions

CVE-2023-46644

CVE-2023-46644 documents a Missing Authorization vulnerability in the WP CTA PRO WordPress CTA plugin (WordPress CTA)

CVE-2023-46639

CVE-2023-46639 affects kk Star Ratings (WordPress plugin) up to version 5.4.5. The issue is a Missing Authorization / Broken Access Control vulnerability, enabling unauthorized access due to insufficient access checks. According to Patchstack and CVE records, the vulnerability is mitigated in ver...