CVEs from 2023
Total
6,112
critical
critical 240
high
high 1,529
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4630 | medium | 5.0 | 5.0 | 3y ago | An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which a… | |||
| CVE-2023-32743 | medium | 4.9 | 4.9 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1. | |||
| CVE-2023-47236 | medium | 4.9 | 4.9 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum iPages Flipbook For WordPress.This issue affects iPages Flipbook For WordPress: from n/a … | |||
| CVE-2023-38519 | medium | 4.9 | 4.9 | 3y ago | MainWP Dashboard SQL Command Injection vulnerability | |||
| CVE-2023-3907 | medium | 4.9 | 4.9 | 3y ago | A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access … | |||
| CVE-2023-38515 | medium | 4.9 | 4.9 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 3.7.56. | |||
| CVE-2023-37978 | medium | 4.9 | 4.9 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11. | |||
| CVE-2023-31219 | medium | 4.9 | 4.9 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.1. | |||
| CVE-2023-27609 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NetTantra WP Roles at Registration allows Stored XSS.This issue affects WP Roles at Regist… | |||
| CVE-2023-51370 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NinjaTeam WP Chat App allows Stored XSS.This issue affects WP Chat App: from n/a through 3.4.4. | |||
| CVE-2023-47526 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chart Builder Team Chartify – WordPress Chart Plugin allows Stored XSS.This issue affects Chartif… | |||
| CVE-2023-51695 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPEverest Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with E… | |||
| CVE-2023-51691 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team Comments – wpDiscuz allows Stored XSS.This issue affects Comments – wpDiscuz: from … | |||
| CVE-2023-51685 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LJ Apps WP Review Slider allows Stored XSS.This issue affects WP Review Slider: from n/a through … | |||
| CVE-2023-51548 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Neil Gee SlickNav Mobile Menu allows Stored XSS.This issue affects SlickNav Mobile Menu: from n/a… | |||
| CVE-2023-51536 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms – WordPress Form Builder allows Stored XSS.This issue affects CRM Perks… | |||
| CVE-2023-51534 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brave Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Conten… | |||
| CVE-2023-52197 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Impactpixel Ads Invalid Click Protection allows Stored XSS.This issue affects Ads Invalid Click P… | |||
| CVE-2023-52203 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a t… | |||
| CVE-2023-51374 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZeroBounce ZeroBounce Email Verification & Validation allows Stored XSS.This issue affects ZeroBo… | |||
| CVE-2023-51372 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HashBar – WordPress Notification Bar allows Stored XSS.This issue affects HashBar – Wor… | |||
| CVE-2023-51371 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bit Assist Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messen… | |||
| CVE-2023-51361 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ginger Plugins Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat an… | |||
| CVE-2023-50896 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weForms weForms – Easy Drag & Drop Contact Form Builder For WordPress allows Stored XSS.This issu… | |||
| CVE-2023-50836 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibericode HTML Forms allows Stored XSS.This issue affects HTML Forms: from n/a through 1.3.28. | |||
| CVE-2023-50832 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mondula GmbH Multi Step Form allows Stored XSS.This issue affects Multi Step Form: from n/a throu… | |||
| CVE-2023-50830 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seosbg Seos Contact Form allows Stored XSS.This issue affects Seos Contact Form: from n/a through… | |||
| CVE-2023-50829 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Re… | |||
| CVE-2023-50828 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Vongries Ultimate Dashboard – Custom WordPress Dashboard allows Stored XSS.This issue affec… | |||
| CVE-2023-50827 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Accredible Accredible Certificates & Open Badges allows Stored XSS.This issue affects Accredible … | |||
| CVE-2023-50826 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons… | |||
| CVE-2023-49829 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS – eLearning and online course solution allows Stored XSS.This issue affects Tut… | |||
| CVE-2023-49767 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Biteship Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo allows Stored XSS.This issue… | |||
| CVE-2023-49191 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Supsystic GDPR Cookie Consent by Supsystic allows Stored XSS.This issue affects GDPR Cookie Conse… | |||
| CVE-2023-49190 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chandra Shekhar Sahu Site Offline Or Coming Soon Or Maintenance Mode allows Stored XSS.This issue… | |||
| CVE-2023-49189 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Getsocial, S.A. Social Share Buttons & Analytics Plugin – GetSocial.Io allows Stored XSS.This iss… | |||
| CVE-2023-49180 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ternstyle LLC Automatic Youtube Video Posts Plugin allows Stored XSS.This issue affects Automatic… | |||
| CVE-2023-49157 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andreas Münch Multiple Post Passwords allows Stored XSS.This issue affects Multiple Post Password… | |||
| CVE-2023-49842 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpexpertsio Rocket Maintenance Mode & Coming Soon Page allows Stored XSS.This issue affects Rocke… | |||
| CVE-2023-49841 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FancyThemes Optin Forms – Simple List Building Plugin for WordPress allows Stored XSS.This issue … | |||
| CVE-2023-49770 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Stored XSS.This issue aff… | |||
| CVE-2023-49195 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages allows Stored XSS.This issue affects Nested Pages: from n/a through 3.… | |||
| CVE-2023-49743 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Dashboard Widgets Suite allows Stored XSS.This issue affects Dashboard Widgets Suite: … | |||
| CVE-2023-48320 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebDorado SpiderVPlayer allows Stored XSS.This issue affects SpiderVPlayer: from n/a through 1.5.… | |||
| CVE-2023-34018 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoundCloud Inc. SoundCloud Shortcode allows Stored XSS.This issue affects SoundCloud Shortcode: f… | |||
| CVE-2023-39921 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui allows Stored XSS.This… | |||
| CVE-2023-41128 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Iqonic Design WP Roadmap – Product Feedback Board allows Stored XSS.This issue affects WP Roadmap… | |||
| CVE-2023-41127 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Evergreen Content Poster Evergreen Content Poster – Auto Post and Schedule Your Best Content to S… | |||
| CVE-2023-40680 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Yoast Yoast SEO allows Stored XSS.This issue affects Yoast SEO: from n/a through 21.0. | |||
| CVE-2023-48329 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeBard Fast Custom Social Share by CodeBard allows Stored XSS.This issue affects Fast Custom So… | |||
| CVE-2023-41136 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Laurence/OhMyBox.Info Simple Long Form allows Stored XSS.This issue affects Simple Long Form: fro… | |||
| CVE-2023-48737 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PT Trijaya Digital Grup TriPay Payment Gateway allows Stored XSS.This issue affects TriPay Paymen… | |||
| CVE-2023-47759 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Premio Chaty chaty allows DOM-Based XSS.This issue affects Chaty: from n/a through <= 3.1.2. | |||
| CVE-2023-36688 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Mann Simple Site Verify plugin <= 1.0.7 versions. | |||
| CVE-2023-47228 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions. | |||
| CVE-2023-47227 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Web-Settler Social Feed | All social media in one place plugin <= 1.5.4.6 versions. | |||
| CVE-2023-47226 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Post Sliders & Post Grids plugin <= 1.0.20 versions. | |||
| CVE-2023-47223 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Map Plugins Basic Interactive World Map plugin <= 2.0 versions. | |||
| CVE-2023-47181 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Gibson IdeaPush plugin <= 8.52 versions. | |||
| CVE-2023-46642 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <= 1.2.2 versions. | |||
| CVE-2023-47184 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Proper Fraction LLC. Admin Bar & Dashboard Access Control plugin <= 1.2.8 versions. | |||
| CVE-2023-46824 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Om Ak Solutions Slick Popup: Contact Form 7 Popup Plugin plugin <= 1.7.14 versions. | |||
| CVE-2023-23702 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pixelgrade Comments Ratings plugin <= 1.1.7 versions. | |||
| CVE-2023-45754 | medium | 4.8 | 4.8 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form allows Stored XSS.This issue affects Eas… | |||
| CVE-2023-41729 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions. | |||
| CVE-2023-30874 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Steve Curtis, St. Pete Design Gps Plotter plugin <= 5.1.4 versions. | |||
| CVE-2023-33216 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team WooDiscuz – WooCommerce Comments woodiscuz-woocommerce-comments allows Stored XSS.This issue affects WooDiscuz – WooCom… | |||
| CVE-2023-24403 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP For The Win bbPress Voting plugin <= 2.1.11.0 versions. | |||
| CVE-2023-23987 | medium | 4.8 | 4.8 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEverest User Registration plugin <= 2.3.0 versions. | |||
| CVE-2023-51712 | medium | 4.7 | 4.7 | 2y ago | An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function. | |||
| CVE-2023-29299 | medium | 4.7 | 4.7 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Untrusted Search Path vulnerability that could lead to Application denial-of-service. An att… | |||
| CVE-2023-28619 | medium | 4.3 | 4.3 | 5mo ago | Missing Authorization vulnerability in bnayawpguy Resoto allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Resoto: from n/a through 1.0.8. | |||
| CVE-2023-25068 | medium | 4.3 | 4.3 | 6mo ago | Missing Authorization vulnerability in Mapro Collins Magazine Edge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Edge: from n/a through 1.13. | |||
| CVE-2023-26002 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals: from n/a through 2.19.5. | |||
| CVE-2023-47807 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in 10Web 10WebAnalytics wd-google-analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10WebAnalytics: from n/a thr… | |||
| CVE-2023-47778 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control luckywp-scripts-control allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LuckyWP Scrip… | |||
| CVE-2023-45272 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google … | |||
| CVE-2023-39994 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a throug… | |||
| CVE-2023-47692 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through <= 1… | |||
| CVE-2023-47647 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in LearningTimes BadgeOS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BadgeOS: from n/a through 3.7.1.6. | |||
| CVE-2023-47557 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in wp-buy Visitors Traffic Real Time Statistics visitors-traffic-real-time-statistics allows Exploiting Incorrectly Configured Access Control Security Levels.This … | |||
| CVE-2023-47523 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in Ecreate Infotech Auto Tag Creator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Tag Creator: from n/a through … | |||
| CVE-2023-46628 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in RedLettuce Plugins WP Word Count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Word Count: from n/a through 3.2.… | |||
| CVE-2023-46612 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in codedraft Mediabay mediabay-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mediabay: from n/a through <= 1.6. | |||
| CVE-2023-46203 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in JustCoded / Alex Prokopenko Just Custom Fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Just Custom Fields: fr… | |||
| CVE-2023-46196 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget allows Exploiting Incorrectly Configured Access Control Security L… | |||
| CVE-2023-46188 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe… | |||
| CVE-2023-46080 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyO… | |||
| CVE-2023-45765 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through <= 1.12.6. | |||
| CVE-2023-45271 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in WPXPO WowStore product-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowStore: from n/a through <= 2.7.8. | |||
| CVE-2023-45110 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in boldthemes Bold Timeline Lite bold-timeline-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Timeline Lite: … | |||
| CVE-2023-45101 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce customer-reviews-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects … | |||
| CVE-2023-45002 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through 3.6.8. | |||
| CVE-2023-44988 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: fr… | |||
| CVE-2023-50850 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in Woo WooCommerce Subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Subscriptions: from n/a bef… | |||
| CVE-2023-41951 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects rtMedia for Word… | |||
| CVE-2023-41873 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in miniOrange SAML SP Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SAML SP Single Sign On: from n/a th… | |||
| CVE-2023-41869 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in Alex Volkov WP Accessibility Helper (WAH) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Accessibility Helper (WA… | |||
| CVE-2023-41866 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in Team Plugins360 Automatic YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic YouTube Gallery: … | |||
| CVE-2023-41865 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in bqworks Slider Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider Pro: from n/a through 4.8.6. |