Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2024-56071 Incorrect Privilege Assignment vulnerability in mikeleembruggen Simple Dashboard simple-dashboard allows Privilege Escalation.This issue affects Simple Dashboard: from n/a through <= 2.0. | 9.8 | CRITICAL | — | 0 |
| CVE-2024-56205 Incorrect Privilege Assignment vulnerability in SunnyKai AI Magic newsletter-page-redirects allows Privilege Escalation.This issue affects AI Magic: from n/a through <= 1.0.4. | 9.8 | CRITICAL | — | 0 |
| CVE-2024-49686 Missing Authorization vulnerability in fatcatapps Landing Page Cat landing-page-cat.This issue affects Landing Page Cat: from n/a through <= 1.7.4. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-49687 Missing Authorization vulnerability in storeapps Smart Manager smart-manager-for-wp-e-commerce.This issue affects Smart Manager: from n/a through <= 8.45.0. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-49694 Missing Authorization vulnerability in imw3 My Wp Brand my-wp-brand.This issue affects My Wp Brand: from n/a through <= 1.1.2. | 5.3 | MEDIUM | — | 0 |
| CVE-2024-49698 Missing Authorization vulnerability in PriceListo Best Restaurant Menu by PriceListo best-restaurant-menu-by-pricelisto.This issue affects Best Restaurant Menu by PriceListo: from n/a through <= 1.4.2... | 4.3 | MEDIUM | — | 0 |
| CVE-2024-51667 Missing Authorization vulnerability in paytiumsupport Paytium paytium.This issue affects Paytium: from n/a through <= 4.4.10. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-55995 Missing Authorization vulnerability in Torod Company for Information Technology Torod torod allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Torod: from n/a t... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-56002 Missing Authorization vulnerability in mightyforms Contact Form, Survey & Form Builder – MightyForms mightyforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe... | 6.4 | MEDIUM | — | 0 |
| CVE-2024-56043 Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS wplms_plugin allows Privilege Escalation.This issue affects WPLMS: from n/a through <= 1.9.9. | 9.8 | CRITICAL | — | 0 |
| CVE-2024-56044 Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS wplms_plugin allows Authentication Bypass.This issue affects WPLMS: from n/a through <= 1.9.9. | 9.8 | CRITICAL | — | 0 |
| CVE-2024-56045 Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5. | 9.3 | CRITICAL | — | 0 |
| CVE-2024-56061 Missing Authorization vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Privilege Escalation.This issue affects RepairBuddy: from n/a through <= 3.8119. | 8.8 | HIGH | — | 0 |
| CVE-2024-56066 Missing Authorization vulnerability in inspry Agency Toolkit agency-toolkit allows Privilege Escalation.This issue affects Agency Toolkit: from n/a through <= 1.0.23. | 9.8 | CRITICAL | — | 0 |
| CVE-2024-56070 Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a... | 7.4 | HIGH | — | 0 |
| CVE-2024-56203 Cross-Site Request Forgery (CSRF) vulnerability in gholme4 Wayne Audio Player wayne-audio-player allows Privilege Escalation.This issue affects Wayne Audio Player: from n/a through <= 1.0. | 8.8 | HIGH | — | 0 |
| CVE-2024-56204 Cross-Site Request Forgery (CSRF) vulnerability in yonisink Sinking Dropdowns sinking-dropdowns allows Privilege Escalation.This issue affects Sinking Dropdowns: from n/a through <= 1.25. | 8.8 | HIGH | — | 0 |
| CVE-2024-56206 Cross-Site Request Forgery (CSRF) vulnerability in krishankakkar gap-hub-user-role gap-hub-user-role allows Authentication Bypass.This issue affects gap-hub-user-role: from n/a through <= 3.4.1. | 8.8 | HIGH | — | 0 |
| CVE-2024-56207 Cross-Site Request Forgery (CSRF) vulnerability in EditionGuard EditionGuard for WooCommerce – eBook Sales with DRM editionguard-for-woocommerce-ebook-sales-with-drm allows Privilege Escalation.This i... | 8.8 | HIGH | — | 0 |
| CVE-2024-56062 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Stored XSS.This issue affects Royal ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-56063 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.T... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-56020 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in svegliadesign SvegliaT Buttons svegliat-buttons allows Stored XSS.This issue affects SvegliaT Butt... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-56021 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibnuyahya Category Post Shortcode category-post-shortcode allows Stored XSS.This issue affects Cat... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-56019 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gavinr Inline Footnotes inline-footnotes allows Stored XSS.This issue affects Inline Footnotes: fr... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-56027 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bizswoop Leads CRM leads-crm allows Reflected XSS.This issue affects Leads CRM: from n/a through <... | 7.1 | HIGH | — | 0 |
| CVE-2024-56028 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lemonadestudio Lemonade Social Networks Autoposter Pinterest lemonade-sna-pinterest-edition allows... | 7.1 | HIGH | — | 0 |
| CVE-2024-56029 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dreamwinner Easy Language Switcher easy-language-switcher allows Reflected XSS.This issue affects ... | 7.1 | HIGH | — | 0 |
| CVE-2024-56030 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Carver Lab 10CentMail 10centmail-subscription-management-and-analytics allows Reflected XSS.This i... | 7.1 | HIGH | — | 0 |
| CVE-2024-56032 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FolioVision FV Descriptions fv-descriptions allows Reflected XSS.This issue affects FV Description... | 7.1 | HIGH | — | 0 |
| CVE-2024-56033 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 FAQs faqs allows Reflected XSS.This issue affects FAQs: from n/a through <= 1.0.2. | 7.1 | HIGH | — | 0 |
| CVE-2024-56034 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Irshad A.Khan Services updates for customers service-updates-for-customers allows Reflected XSS.Th... | 7.1 | HIGH | — | 0 |
| CVE-2024-56035 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kurt Payne Upload Scanner upload-scanner allows Reflected XSS.This issue affects Upload Scanner: f... | 7.1 | HIGH | — | 0 |
| CVE-2024-56036 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ondrej Donek odPhotogallery od-photogallery-plugin allows Reflected XSS.This issue affects odPhoto... | 7.1 | HIGH | — | 0 |
| CVE-2024-56037 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftClever Limited User Referral user-referral-free allows Reflected XSS.This issue affects User R... | 7.1 | HIGH | — | 0 |
| CVE-2024-56038 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catalinsendsms SendSMS sendsms allows Reflected XSS.This issue affects SendSMS: from n/a through <... | 7.1 | HIGH | — | 0 |
| CVE-2024-56060 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms html-forms allows Reflected XSS.This issue affects HTML Forms: from n... | 7.1 | HIGH | — | 0 |
| CVE-2024-56069 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Reflected XSS.This issue affects WP SuperBack... | 7.1 | HIGH | — | 0 |
| CVE-2023-44988 Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue ... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-45002 Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a th... | 4.3 | MEDIUM | — | 0 |
| CVE-2023-45045 Missing Authorization vulnerability in krozero WP Custom Widget area wp-custom-widget-area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget a... | N/A | NONE | — | 0 |
| CVE-2023-45061 Missing Authorization vulnerability in awsm.in WP Job Openings wp-job-openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a thro... | N/A | NONE | — | 0 |
| CVE-2023-45104 Missing Authorization vulnerability in WPDeveloper BetterLinks betterlinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through <= 1... | 8.8 | HIGH | — | 0 |
| CVE-2023-45110 Missing Authorization vulnerability in boldthemes Bold Timeline Lite bold-timeline-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Timeline Lite: f... | N/A | NONE | — | 0 |
| CVE-2023-45271 Missing Authorization vulnerability in WPXPO WowStore product-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowStore: from n/a through <= 2.7.8. | N/A | NONE | — | 0 |
| CVE-2023-45275 Missing Authorization vulnerability in WP Chill Kali Forms kali-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kali Forms: from n/a through <= 2.3.28. | N/A | NONE | — | 0 |
| CVE-2023-45636 Missing Authorization vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPre... | N/A | NONE | — | 0 |
| CVE-2023-45649 Missing Authorization vulnerability in codepeople Appointment Hour Booking appointment-hour-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointme... | N/A | NONE | — | 0 |
| CVE-2023-45760 Missing Authorization vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.3. | 8.8 | HIGH | — | 0 |
| CVE-2023-45765 Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through <= 1.12.6. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-45766 Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 4.7.1. | 5.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.