CVEs from 2023
- Total: 6,110
- critical: 239
- high: 1,527
- medium: 1,390
- low: 32
- % Critical: 3.9%
- % with KEV: 2.7%
- % with exploit: 3.5%

Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8

| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-22794 | high | — | 8.0 | 3y ago | A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints`… | |||
| CVE-2023-22795 | high | — | 8.0 | 3y ago | A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expressi… | |||
| CVE-2023-53660 | high | — | 8.0 | 4y ago | In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Handle skb as well when clean up ptr_ring The following warning was reported when running xdp_redirect_cpu with both… | |||
| CVE-2023-1095 | high | — | 8.0 | 4y ago | In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never plac… | |||
| CVE-2023-0459 | high | — | 8.0 | 4y ago | Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This… | |||
| CVE-2023-3022 | high | — | 8.0 | 4y ago | A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for… | |||
| CVE-2023-1390 | high | — | 8.0 | 5y ago | A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in … | |||
| CVE-2023-52945 | high | 7.8 | 7.8 | 9d ago | Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors. | |||
| CVE-2023-7343 | high | 7.8 | 7.8 | 2mo ago | Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project … | |||
| CVE-2023-53629 | high | 7.8 | 7.8 | 8mo ago | In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix use after free in midcomms commit While working on processing dlm message in softirq context I experienced the follo… | |||
| CVE-2023-53543 | high | 7.8 | 7.8 | 8mo ago | In the Linux kernel, the following vulnerability has been resolved: vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when… | |||
| CVE-2023-52927 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() wil… | |||
| CVE-2023-53596 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only gets called if the … | |||
| CVE-2023-52614 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in trans_stat_show(). Convert simple snprintf to the mo… | |||
| CVE-2023-6817 | high | 7.8 | 7.8 | 2y ago | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive element… | |||
| CVE-2023-6246 | high | 7.8 | 7.8 | 2y ago | A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog functio… | |||
| CVE-2023-44336 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of … | |||
| CVE-2023-45898 | high | 7.8 | 7.8 | 3y ago | The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent. | |||
| CVE-2023-38246 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution … | |||
| CVE-2023-29320 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Violation of Secure Design Principles vulnerability that could result in arbitrary code exec… | |||
| CVE-2023-38226 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution … | |||
| CVE-2023-38228 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of … | |||
| CVE-2023-38231 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the conte… | |||
| CVE-2023-38225 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of … | |||
| CVE-2023-38229 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the contex… | |||
| CVE-2023-38233 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the conte… | |||
| CVE-2023-38222 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of … | |||
| CVE-2023-38227 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of … | |||
| CVE-2023-38223 | high | 7.8 | 7.8 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer that could result in arbitrary code execution in the context… | |||
| CVE-2023-33161 | high | 7.8 | 7.8 | 3y ago | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2023-33158 | high | 7.8 | 7.8 | 3y ago | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2023-33152 | high | 7.8 | 7.8 | 3y ago | Microsoft ActiveX Remote Code Execution Vulnerability | |||
| CVE-2023-33149 | high | 7.8 | 7.8 | 3y ago | Microsoft Office Graphics Remote Code Execution Vulnerability | |||
| CVE-2023-26246 | high | 7.8 | 7.8 | 3y ago | An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can … | |||
| CVE-2023-26245 | high | 7.8 | 7.8 | 3y ago | An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can … | |||
| CVE-2023-26244 | high | 7.8 | 7.8 | 3y ago | An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppDMClient binary file, which is used during the firmware installation process, can… | |||
| CVE-2023-26243 | high | 7.8 | 7.8 | 3y ago | An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows… | |||
| CVE-2023-28260 | high | 7.8 | 7.8 | 3y ago | .NET DLL Hijacking Remote Code Execution Vulnerability | |||
| CVE-2023-23375 | high | 7.8 | 7.8 | 3y ago | Microsoft ODBC and OLE DB Remote Code Execution Vulnerability | |||
| CVE-2023-25446 | high | 7.7 | 7.7 | 6mo ago | Missing Authorization vulnerability in HappyFiles HappyFiles Pro happyfiles-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HappyFiles Pro: from n/a thr… | |||
| CVE-2023-51500 | high | 7.7 | 7.7 | 2y ago | Missing Authorization vulnerability in Undsgn Uncode Core.This issue affects Uncode Core: from n/a through 2.8.8. | |||
| CVE-2023-51418 | high | 7.7 | 7.7 | 2y ago | Missing Authorization vulnerability in Joris van Montfort JVM rich text icons.This issue affects JVM rich text icons: from n/a through 1.2.6. | |||
| CVE-2023-39313 | high | 7.7 | 7.7 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1. | |||
| CVE-2023-26003 | high | 7.6 | 7.6 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vipul Jariwala WP Post Corrector allows SQL Injection. This issue affects WP Post Corrector: from… | |||
| CVE-2023-35037 | high | 7.6 | 7.6 | 2y ago | Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through <= 1.3.2.357. | |||
| CVE-2023-47843 | high | 7.6 | 7.6 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0. | |||
| CVE-2023-23991 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPdevelop / Oplugins Booking Calendar allows SQL Injection.This issue affects Booking Calendar: f… | |||
| CVE-2023-42346 | high | 7.5 | 7.5 | 29d ago | Alkacon OpenCms is vulnerable to XXE when the `<!DOCTYPE>` refers to an external host | |||
| CVE-2023-54347 | high | 7.5 | 7.5 | 1mo ago | OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers c… | |||
| CVE-2023-54346 | high | 7.5 | 7.5 | 1mo ago | WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download complete database backups by accessing predictable file path… | |||
| CVE-2023-52356 | high | 7.5 | 7.5 | 7mo ago | Moderate: libtiff security update | |||
| CVE-2023-25995 | high | 7.5 | 7.5 | 1y ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in choicehomemortgage AI Mortgage Calculator allows PHP Local File Inclusion. Thi… | |||
| CVE-2023-47693 | high | 7.5 | 7.5 | 1y ago | Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issu… | |||
| CVE-2023-47648 | high | 7.5 | 7.5 | 1y ago | Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through <= 2.3.5. | |||
| CVE-2023-47224 | high | 7.5 | 7.5 | 1y ago | Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through <= 7.8.0. | |||
| CVE-2023-39920 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Themeisle Redirection for Contact Form 7 wpcf7-redirect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirection f… | |||
| CVE-2023-32585 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gal… | |||
| CVE-2023-32520 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0. | |||
| CVE-2023-30490 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Matthew Ruddy Easing Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easing Slider : from n/a through 3.0.8. | |||
| CVE-2023-25988 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Video Gallery by Total-Soft Video Gallery – YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Gal… | |||
| CVE-2023-49831 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.Thi… | |||
| CVE-2023-25714 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Fullworks Quick Paypal Payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Paypal Payments: from n/a throu… | |||
| CVE-2023-23976 | high | 7.5 | 7.5 | 2y ago | Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.1.9… | |||
| CVE-2023-44227 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Mitchell Bennis Simple File List.This issue affects Simple File List: from n/a through 6.1.9. | |||
| CVE-2023-51672 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3. | |||
| CVE-2023-44989 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in GSheetConnector CF7 Google Sheets Connector.This issue affects CF7 Google Sheets Connector: from n/a through 5.0.5. | |||
| CVE-2023-6255 | high | 7.5 | 7.5 | 2y ago | Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App allows Read Sensitive Strings Within an Executable. This issue affects SoliPay Mobile App: before 5.… | |||
| CVE-2023-4993 | high | 7.5 | 7.5 | 2y ago | Incorrect Use of Privileged APIs vulnerability in Utarit Information Technologies SoliPay Mobile App allows Collect Data as Provided by Users. This issue affects SoliPay Mobile App: before 5.0.8. | |||
| CVE-2023-6519 | high | 7.5 | 7.5 | 2y ago | Exposure of Data Element to Wrong Session vulnerability in Mia Technology Inc. MİA-MED allows Read Sensitive Strings Within an Executable. This issue affects MİA-MED: before 1.0.7. | |||
| CVE-2023-6518 | high | 7.5 | 7.5 | 2y ago | Plaintext Storage of a Password vulnerability in Mia Technology Inc. MİA-MED allows Read Sensitive Strings Within an Executable. This issue affects MİA-MED: before 1.0.7. | |||
| CVE-2023-6517 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information Due to Incompatible Policies vulnerability in Mia Technology Inc. MİA-MED allows Collect Data as Provided by Users. This issue affects MİA-MED: before 1.0.7. | |||
| CVE-2023-50781 | high | 7.5 | 7.5 | 2y ago | m2crypto Bleichenbacher timing attack - incomplete fix for CVE-2020-25657 | |||
| CVE-2023-6779 | high | 7.5 | 7.5 | 2y ago | An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these f… | |||
| CVE-2023-52187 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Thomas Maier Image Source Control Lite – Show Image Credits and Captions.This issue affects Image Source Control Lite – Sho… | |||
| CVE-2023-6919 | high | 7.5 | 7.5 | 2y ago | Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal. This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C. | |||
| CVE-2023-5363 | high | 7.5 | 7.5 | 2y ago | Moderate: openssl security update | |||
| CVE-2023-51508 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Database Cleaner: Clean, Optimize & Repair.This issue affects Database Cleaner: Clean, Optimize & Repair: from n… | |||
| CVE-2023-51490 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scan… | |||
| CVE-2023-51408 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StudioWombat WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce.This issue affects WP Optin… | |||
| CVE-2023-51406 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup – Fastest WordPress Migration & Duplicator.This issue affects FastDup – Fastest WordPress Migration & Du… | |||
| CVE-2023-52208 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2. | |||
| CVE-2023-52190 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. | |||
| CVE-2023-52143 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37. | |||
| CVE-2023-51503 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solut… | |||
| CVE-2023-52185 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backu… | |||
| CVE-2023-51688 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress.This issue affects eCommerce Product Catalog Plugin for WordPress:… | |||
| CVE-2023-51687 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in impleCode Product Catalog Simple.This issue affects Product Catalog Simple: from n/a through 1.7.6. | |||
| CVE-2023-51527 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4:… | |||
| CVE-2023-27447 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in VeronaLabs WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc.This issue affects WP SMS – … | |||
| CVE-2023-32747 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78. | |||
| CVE-2023-49162 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6. | |||
| CVE-2023-48288 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin … | |||
| CVE-2023-2487 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Smackcoders Export All Posts, Products, Orders, Refunds & Users.This issue affects Export All Posts, Products, Orders, Refu… | |||
| CVE-2023-28421 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP E… | |||
| CVE-2023-49762 | high | 7.5 | 7.5 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AppMySite AppMySite – Create an app with the Best Mobile App Builder.This issue affects AppMySite – Create an app with the … | |||
| CVE-2023-35916 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solut… | |||
| CVE-2023-35914 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Woo Subscriptions.This issue affects Woo Subscriptions: from n/a through 5.1.2. | |||
| CVE-2023-32590 | high | 7.5 | 7.5 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Ca… | |||
| CVE-2023-37871 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce GoCardless.This issue affects GoCardless: from n/a through 2.5.6. | |||
| CVE-2023-49812 | high | 7.5 | 7.5 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005. |