CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

1378 matches found

CVE•added 2024/12/09 11:30 a.m.•147 views

CVE-2023-47838

CVE-2023-47838 affects the WordPress plugin Conditional Fields for Contact Form 7 (cf7-conditional-fields). Root cause: Missing Authorization / Broken Access Control due to incorrectly configured access control levels, allowing exploitation by low-privilege users. Affected versions:

4.3CVSS7.3AI score0.00322EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•84 views

CVE-2023-47841

CVE-2023-47841 affects the WordPress plugin Analytify (

4.3CVSS8.5AI score0.00355EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•87 views

CVE-2023-47847

The CVE CVE-2023-47847 refers to a Missing Authorization vulnerability in the PayTR Taksit Tablosu WordPress plugin (WooCommerce integration). The vulnerability arises from incorrectly configured access control levels, i.e., a Broken Access Control issue that allows exploiting insufficient author...

5.3CVSS8.5AI score0.00401EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•84 views

CVE-2023-48286

CVE-2023-48286 concerns the WordPress Stripe Payments plugin (Accept Stripe Payments) ≤ 2.0.79, with a Missing Authorization/ Broken Access Control vulnerability due to incorrectly configured access controls. Public-facing unauthenticated users could potentially exploit the issue due to unauthent...

8.2CVSS7.3AI score0.00494EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•57 views

CVE-2023-48774

CVE-2023-48774 affects the WordPress IdeaPush plugin (versions

5.4CVSS8.5AI score0.00453EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•71 views

CVE-2023-48779

CVE-2023-48779 pertains to WordPress 360 Javascript Viewer (plugin) with Broken Access Control via Missing Authorization. Affected versions are

6.5CVSS7.3AI score0.00551EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•86 views

CVE-2023-49154

CVE-2023-49154 concerns WordPress Button Generator – easily Button Builder (plugin)

5.3CVSS8.5AI score0.00602EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•75 views

CVE-2023-49167

CVE-2023-49167 affects the WordPress Database for CF7 plugin (

6.5CVSS7.3AI score0.00595EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•44 views

CVE-2023-49192

CVE-2023-49192 concerns the WordPress plugin Enhanced Text Widget (Clever Widgets)

5.3CVSS7.3AI score0.00448EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•62 views

CVE-2023-49193

CVE-2023-49193 is a verifiable vulnerability in the WordPress plugin Social Pug (Hubbub Lite) : versions up to and including 1.30.0 allow a Missing Authorization / Broken Access Control condition. Unauthenticated users could exploit incorrectly configured access controls. The issue is publicly do...

5.3CVSS7.3AI score0.00448EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•88 views

CVE-2023-49194

CVE-2023-49194 is a WordPress plugin vulnerability in the Importify – Dropshipping WooCommerce plugin (

5.3CVSS7.4AI score0.00521EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•58 views

CVE-2023-49756

CVE-2023-49756 refers to WordPress Eventin plugin

8.8CVSS7.3AI score0.00563EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•84 views

CVE-2023-49757

CVE-2023-49757 concerns WordPress Awesome Support plugin in versions up to 6.1.10, with a Missing Authorization vulnerability due to incorrectly configured access control. Public disclosures and patch data indicate the issue is being addressed, with a fix released in version 6.1.11. Recommended r...

5.4CVSS7.3AI score0.00453EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•68 views

CVE-2023-49758

CVE-2023-49758 concerns the WordPress plugin WP Booking System. The issue is a Missing Authorization flaw in wpbs_save_calendar_data that allowed authenticated users (subscriber level and above) to save calendar data on affected versions. Vulnerable range:

4.3CVSS7.3AI score0.00397EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•71 views

CVE-2023-49817

CVE-2023-49817 affects the WordPress plugin Flexible Woocommerce Checkout Field Editor (

8.2CVSS8.6AI score0.00552EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•49 views

CVE-2023-49861

CVE-2023-49861 describes a Missing Authorization vulnerability in the WordPress plugin Social Media Feather (versions ≤ 2.1.3). The issue is attributed to broken access control / improperly configured access security levels , enabling unauthorized access to privileged functions. The CVE entry lis...

4.3CVSS7.3AI score0.00397EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•53 views

CVE-2023-49835

CVE-2023-49835 affects the WordPress plugin Post Duplicator (versions up to 2.31). The issue is described as a Missing Authorization / Broken Access Control vulnerability allowing unauthorized access due to incorrectly configured access control. The vulnerability and its CVE are corroborated by P...

4.3CVSS8.5AI score0.00401EPSS

Exploits0References1Affected Software1

CVE•added 2024/12/09 11:30 a.m.•73 views

CVE-2023-49848

CVE-2023-49848 is a missing/ broken authorization vulnerability in the WordPress Sharkdropship Dropshipping plugin for AliExpress, eBay, Amazon, Etsy (SharkDropship & Affiliate for AliExpress, etc.). Affected versions are up to 2.1.1; exploitation arises from an incorrectly configured access cont...

6.5CVSS7.3AI score0.00496EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•69 views

CVE-2023-49850

CVE-2023-49850 – WordPress WP Simple HTML Sitemap : Affected plugin versions are ≤ 2.7. Root cause is broken access control due to missing authorization checks, allowing unauthenticated access to perform an unauthorized action. CVSS v3.1 base score is 5.3 (Medium) per Patchstack, and reports cons...

5.3CVSS8.5AI score0.00364EPSS

Exploits0References1

CVE•added 2024/12/09 11:30 a.m.•86 views

CVE-2023-49851

CVE-2023-49851 affects the WordPress Square Thumbnails plugin (

5.3CVSS8.5AI score0.00448EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by