Show filters
1,075 Total Results
Displaying 141-150 of 1,075
Sort by:
Attacker Value
Unknown
CVE-2024-43355
Disclosure Date: November 01, 2024 (last updated November 13, 2024)
Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.3.0.
0
Attacker Value
Unknown
CVE-2024-43323
Disclosure Date: November 01, 2024 (last updated November 19, 2024)
Missing Authorization vulnerability in ReviewX ReviewX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReviewX: from n/a through 1.6.28.
0
Attacker Value
Unknown
CVE-2024-43118
Disclosure Date: November 01, 2024 (last updated November 02, 2024)
Missing Authorization vulnerability in WPMU DEV Hummingbird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hummingbird: from n/a through 3.9.1.
0
Attacker Value
Unknown
CVE-2024-38707
Disclosure Date: November 01, 2024 (last updated November 02, 2024)
Missing Authorization vulnerability in WPDeveloper EmbedPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EmbedPress: from n/a through 4.0.4.
0
Attacker Value
Unknown
CVE-2024-37444
Disclosure Date: November 01, 2024 (last updated November 02, 2024)
Missing Authorization vulnerability in WPMU DEV Defender Security allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Defender Security: from n/a through 4.7.1.
0
Attacker Value
Unknown
CVE-2024-9700
Disclosure Date: October 31, 2024 (last updated January 05, 2025)
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.36.0 via the submit_quizzes() function due to missing validation on the 'entry_id' user controlled key. This makes it possible for unauthenticated attackers to modify other user's quiz submissions.
0
Attacker Value
Unknown
CVE-2024-47640
Disclosure Date: October 29, 2024 (last updated November 01, 2024)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs WP ERP allows Reflected XSS.This issue affects WP ERP: from n/a through 1.13.2.
0
Attacker Value
Unknown
CVE-2024-50427
Disclosure Date: October 29, 2024 (last updated October 29, 2024)
Unrestricted Upload of File with Dangerous Type vulnerability in Devsoft Baltic OÜ SurveyJS: Drag & Drop WordPress Form Builder.This issue affects SurveyJS: Drag & Drop WordPress Form Builder: from n/a through 1.9.136.
0
Attacker Value
Unknown
CVE-2024-50433
Disclosure Date: October 28, 2024 (last updated February 06, 2025)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wowDevs Sky Addons for Elementor allows Stored XSS.This issue affects Sky Addons for Elementor: from n/a through 2.5.15.
0
Attacker Value
Unknown
CVE-2024-50461
Disclosure Date: October 28, 2024 (last updated November 14, 2024)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4.0.14.
0
