Skip to main content
CVE-2023-27607 MEDIUM This Month

Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce.5.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-25922 MEDIUM This Month

Missing Authorization vulnerability in Peach Payments Peach Payments Gateway.1.9. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-25907 MEDIUM This Month

Missing Authorization vulnerability in JoomUnited WP Media folder.7.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-26019 MEDIUM This Month

Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Ninja Forms
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2024-24850 MEDIUM This Month

Missing Authorization vulnerability in Mark Stockton Quicksand Post Filter jQuery Plugin.1.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-25935 MEDIUM This Month

Missing Authorization vulnerability in Metagauss RegistrationMagic.2.5.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Registrationmagic
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-47604 MEDIUM This Month

Missing Authorization vulnerability in junkcoder, ristoniinemets AJAX Thumbnail Rebuild.13. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-32106 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WP Compress WP Compress - Image Optimizer [All-In-One].10.35. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wp Compress
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-24883 MEDIUM This Month

Missing Authorization vulnerability in BdThemes Prime Slider - Addons For Elementor.11.10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Prime Slider
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31934 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Link Whisper Link Whisper Free.6.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-32109 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Julien Berthelot / MPEmbed.Com WP Matterport Shortcode allows Cross Site Request Forgery.1.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-32108 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Stephanie Leary Convert Post Types.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-27967 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Michael Leithold DSGVO All in one for WP.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Dsgvo All In One For Wp
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31935 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in BracketSpace Simple Post Notes.7.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-32107 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins Finale Lite.18.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Finale
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-32112 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Leadinfo leadinfo. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-25908 MEDIUM This Month

Missing Authorization vulnerability in JoomUnited WP Media folder.7.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-32105 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy