Total
6613 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-9584 | 1 Webcraftplugins | 1 Image Map Pro | 2024-11-05 | N/A | 5.4 MEDIUM |
| The Image Map Pro plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the AJAX functions in versions up to, and including, 6.0.20. This makes it possible for authenticated attackers with contributor-level privileges or above, to add, update or delete map projects. | |||||
| CVE-2024-10598 | 1 Tongda2000 | 1 Office Anywhere | 2024-11-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-37106 | 2024-11-01 | N/A | 8.2 HIGH | ||
| Missing Authorization vulnerability in WishList Products WishList Member X allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WishList Member X: from n/a through 3.26.6 | |||||
| CVE-2024-37456 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Noptin Newsletter Noptin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Noptin: from n/a through 3.4.2. | |||||
| CVE-2024-37096 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Popup Box Team Popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup box: from n/a through 4.5.1. | |||||
| CVE-2024-37276 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in fifu.App Featured Image from URL allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image from URL: from n/a through 4.8.1. | |||||
| CVE-2024-37427 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through 1.0.21. | |||||
| CVE-2024-37926 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Alex Volkov WP Accessibility Helper (WAH) allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Accessibility Helper (WAH): from n/a through 0.6.2.9. | |||||
| CVE-2024-43119 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Aruba.It Aruba HiSpeed Cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aruba HiSpeed Cache: from n/a through 2.0.12. | |||||
| CVE-2024-38777 | 2024-11-01 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in CreativeMotion Titan Anti-spam & Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Titan Anti-spam & Security: from n/a through 7.3.6. | |||||
| CVE-2024-38774 | 2024-11-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in SiteGround SiteGround Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through 1.5.0. | |||||
| CVE-2024-43212 | 2024-11-01 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WpTravelly: from n/a through 1.7.7. | |||||
| CVE-2024-43215 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in creativemotion Social Slider Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Slider Feed: from n/a through 2.2.2. | |||||
| CVE-2024-37220 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in OptinlyHQ Optinly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Optinly: from n/a through 1.0.18. | |||||
| CVE-2024-43208 | 2024-11-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Miller Media ( Matt Miller ) Send Emails with Mandrill allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Send Emails with Mandrill: from n/a through 1.4.1. | |||||
| CVE-2024-37481 | 2024-11-01 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Post Grid Team by RadiusTheme The Post Grid allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects The Post Grid: from n/a through 7.7.4. | |||||
| CVE-2024-38794 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in MediaRon LLC Custom Query Blocks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Custom Query Blocks: from n/a through 5.2.0. | |||||
| CVE-2024-37232 | 2024-11-01 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in Hercules Design Hercules Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hercules Core: from n/a through 6.5. | |||||
| CVE-2024-38690 | 2024-11-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Avirtum iPanorama 360 WordPress Virtual Tour Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects iPanorama 360 WordPress Virtual Tour Builder: from n/a through 1.8.3. | |||||
| CVE-2024-37250 | 2024-11-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1. | |||||