CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

186 matches found

CVE•added 2024/06/09 11:18 a.m.•45 views

CVE-2024-31274

CVE-2024-31274: WPDeveloper EmbedPress for WordPress is affected by a Missing Authorization (Broken Access Control) vulnerability in EmbedPress versions up to 3.9.11. Public sources (NVD, Red Hat) rate the CVSS v3.1 base score at 5.3 (Medium), with impact limited to integrity. Public exploitation...

5.3CVSS5.3AI score0.00186EPSS

Exploits0References1Affected Software1

NVD•added 2024/06/09 11:15 a.m.•16 views

CVE-2024-30467

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9...

8.8CVSS0.00396EPSS

Exploits0References1

OSV•added 2024/06/09 11:15 a.m.•0 views

CVE-2024-30467

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9...

8.8CVSS7.3AI score

Exploits0References1

CVE•added 2024/06/09 10:49 a.m.•52 views

CVE-2024-30467

CVE-2024-30467: Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg affects Essential Blocks for Gutenberg versions up to 4.4.9. Root cause is missing authorization checks on access to block functionality. Impact is high for confidentiality, integrity, and availabili...

8.8CVSS6.8AI score0.00396EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/06/09 10:49 a.m.•21 views

CVE-2024-30467 WordPress Essential Blocks plugin <= 4.4.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9...

6.5CVSS0.00396EPSS

Exploits0References1

Vulnrichment•added 2024/06/09 10:49 a.m.•14 views

CVE-2024-30467 WordPress Essential Blocks plugin <= 4.4.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9...

6.5CVSS7AI score0.00396EPSS

Exploits0References1

NVD•added 2024/06/03 12:15 p.m.•9 views

CVE-2024-34764

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Collision with another CVE ID...

6.8AI score0.00143EPSS

Exploits0

Vulnrichment•added 2024/06/03 11:39 a.m.•10 views

CVE-2024-34764

...

5.2AI score0.00143EPSS

Exploits0

NVD•added 2024/05/17 7:15 a.m.•16 views

CVE-2023-41955

Improper Privilege Management vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation.This issue affects Essential Addons for Elementor: from n/a through 5.8.8...

8.8CVSS8.8AI score0.00348EPSS

Exploits0References1

NVD•added 2024/05/14 3:37 p.m.•7 views

CVE-2024-32717

Missing Authorization vulnerability in WPDeveloper SchedulePress.This issue affects SchedulePress: from n/a through 5.0.8...

6.5CVSS6.5AI score0.00446EPSS

Exploits0References1

Patchstack•added 2024/05/14 12:0 a.m.•7 views

WordPress Essential Addons for Elementor Plugin <= 5.9.20 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.20 Fixed in 5.9.21 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4624 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID 3528751a7ce0 Credits wesley wcra...

6.4CVSS5.8AI score0.00414EPSS

Exploits0References3Affected Software1

CVE•added 2024/05/09 12:23 p.m.•61 views

CVE-2024-32717

CVE-2024-32717 affects the WordPress plugin SchedulePress (WPScheduled-Posts). Connected sources confirm a Missing Authorization / Broken Access Control flaw in SchedulePress versions up to and including 5.0.8, enabling unauthorized access due to inadequate authorization checks. Public advisories...

6.5CVSS5.1AI score0.00446EPSS

Exploits0References1

NVD•added 2024/04/07 6:15 p.m.•8 views

CVE-2024-31306

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Stored XSS.This issue affects Essential Blocks for Gutenberg: from n/a through 4.5.3...

6.5CVSS6.5AI score0.00139EPSS

Exploits0References1

OSV•added 2024/04/07 6:15 p.m.•0 views

CVE-2024-31306

5.4CVSS7.3AI score0.00139EPSS

Exploits0References1

Cvelist•added 2024/04/07 5:42 p.m.•17 views

CVE-2024-31306 WordPress Essential Blocks plugin <= 4.5.3 - Cross Site Scripting (XSS) vulnerability

6.5CVSS6.6AI score0.00139EPSS

Exploits0References1

CVE•added 2024/04/07 5:42 p.m.•44 views

CVE-2024-31306

CVE-2024-31306 : In the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks (WPDeveloper) there is a Stored XSS vulnerability due to improper input handling during web page generation, affecting versions up to 4.5.3 . The root cause is insufficient input neutralization when renderin...

6.5CVSS8.6AI score0.00139EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/04/07 5:42 p.m.•9 views

CVE-2024-31306 WordPress Essential Blocks plugin <= 4.5.3 - Cross Site Scripting (XSS) vulnerability

6.5CVSS8.6AI score0.00139EPSS

Exploits0References1

NVD•added 2024/03/28 5:15 a.m.•17 views

CVE-2024-30226

Deserialization of Untrusted Data vulnerability in WPDeveloper BetterDocs.This issue affects BetterDocs: from n/a through 3.3.3...

9CVSS9.2AI score0.1182EPSS

Exploits0References1

CVE•added 2024/03/28 4:57 a.m.•64 views

CVE-2024-30226

CVE-2024-30226 affects the WordPress WPDeveloper BetterDocs plugin up to version 3.3.3. The vulnerability is due to deserialization of untrusted data, enabling PHP Object Injection and unauthenticated exploitation. Affects BetterDocs components handling untrusted input; PatchStack and related sou...

9CVSS5.2AI score0.1182EPSS

Exploits0References1Affected Software1