Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
4985 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-48277 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Super Progressive Web Apps: from n/a through 2.2.21. | ||||
| CVE-2023-49858 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in Austin Passy Custom Login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login: from n/a through 4.1.0. | ||||
| CVE-2023-49859 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in Pixelite Login With Ajax allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login With Ajax: from n/a through 4.1. | ||||
| CVE-2023-49861 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in socialmediafeather Social Media Feather allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Media Feather: from n/a through 2.1.3. | ||||
| CVE-2023-49167 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 6.5 Medium |
| Missing Authorization vulnerability in Code4Life Database for CF7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Database for CF7: from n/a through 1.2.4. | ||||
| CVE-2023-49156 | 2 Godaddy, Wordpress | 2 Godaddy Email Marketing, Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in GoDaddy GoDaddy Email Marketing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDaddy Email Marketing: from n/a through 1.4.3. | ||||
| CVE-2023-47838 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in Jules Colle Conditional Fields for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conditional Fields for Contact Form 7: from n/a through 2.4.1. | ||||
| CVE-2023-27454 | 2 Apollo13themes, Wordpress | 2 Rife Elementor Extensions & Templates, Wordpress | 2024-12-09 | 5.4 Medium |
| Missing Authorization vulnerability in Apollo13Themes Rife Elementor Extensions & Templates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rife Elementor Extensions & Templates: from n/a through 1.1.10. | ||||
| CVE-2023-49849 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in Aakash Chakravarthy Shortcoder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcoder: from n/a through 6.3. | ||||
| CVE-2023-49758 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in Veribo, Roland Murg WP Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Booking System: from n/a through 2.0.19.2. | ||||
| CVE-2023-49754 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in Yogesh Pawar, Clarion Technologies Bulk Edit Post Titles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Edit Post Titles: from n/a through 5.0.0. | ||||
| CVE-2023-47830 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 5.4 Medium |
| Missing Authorization vulnerability in Addons for Contact Form 7 Live Preview for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Preview for Contact Form 7: from n/a through 1.2.0. | ||||
| CVE-2023-47820 | 2 Crudlab, Wordpress | 2 Wp Like Button, Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in CRUDLab WP Like Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Like Button: from n/a through 1.7.0. | ||||
| CVE-2023-47793 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in acmethemes Acme Fix Images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Acme Fix Images: from n/a through 1.0.0. | ||||
| CVE-2023-32094 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 5.4 Medium |
| Missing Authorization vulnerability in Felix Welberg Extended Post Status allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extended Post Status: from n/a through 1.0.19. | ||||
| CVE-2023-31214 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 5.4 Medium |
| Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through 2.0. | ||||
| CVE-2023-29239 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 5.4 Medium |
| Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LuckyWP Scripts Control: from n/a through 1.2.1. | ||||
| CVE-2023-29237 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 6.3 Medium |
| Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n/a through 1.3.5. | ||||
| CVE-2023-27625 | 1 Wordpress | 1 Wordpress | 2024-12-09 | 4.3 Medium |
| Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through 6.5.0. | ||||
| CVE-2024-6897 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 6.4 Medium |
| The aThemes Starter Sites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.53 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. | ||||