Skip to main content
CVE-2024-30470 HIGH This Week

Missing Authorization vulnerability in YITH YITH WooCommerce Account Funds Premium.33.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Woocommerce Account Funds
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-30467 HIGH This Week

Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.4.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Essential Blocks
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-30466 HIGH This Week

Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.3.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Woocommerce Multilingual Multicurrency
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-30465 HIGH This Week

Missing Authorization vulnerability in Pagelayer Team PageLayer.8.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Pagelayer
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-25092 HIGH This Week

Missing Authorization vulnerability in XLPlugins NextMove Lite.17.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nextmove
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-31294 HIGH This Week

Missing Authorization vulnerability in Fahad Mahmood WP Sort Order.3.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Wp Sort Order
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-31098 HIGH This Week

Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.0.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress New Order Notification For Woocommerce
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-30537 HIGH This Week

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.4.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Wpc Badge Management For Woocommerce
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-32703 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in reputeinfosystems ARForms arforms.4. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD VulDB
CVSS 3.1
7.7
EPSS
0.3%
CVE-2024-32778 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.3.4. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD VulDB
CVSS 3.1
7.7
EPSS
0.2%
CVE-2024-32715 HIGH This Week

A vulnerability in olivethemes Olive One Click Demo Import olive-one-click-demo-import.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-32777 HIGH This Week

Missing Authorization vulnerability in BizSwoop a CPF Concepts, LLC Brand BizPrint.3.39. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-33565 HIGH This Week

Missing Authorization vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager.5.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Barcode Scanner And Inventory Manager
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-33543 HIGH This Week

Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.2.06. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wp Time Slots Booking Form
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-31244 HIGH This Week

Missing Authorization vulnerability in Bricksforge.0.17. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Bricksforge
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-31243 HIGH This Week

Missing Authorization vulnerability in Bricksforge.0.17. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Bricksforge
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-32705 HIGH This Week

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.4. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
7.1
EPSS
0.4%
CVE-2024-32704 HIGH This Week

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.4. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-30534 MEDIUM This Month

Missing Authorization vulnerability in typps Calendarista Basic Edition calendarista-basic-edition.0.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-32805 MEDIUM This Month

Missing Authorization vulnerability in Social Snap.3.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-31307 MEDIUM This Month

Missing Authorization vulnerability in appscreo Easy Social Share Buttons.4. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2024-31246 MEDIUM This Month

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.2.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-32824 MEDIUM This Month

Missing Authorization vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster.4.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-30529 MEDIUM This Month

Missing Authorization vulnerability in tainacan Tainacan tainacan.20.7. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.3
EPSS
0.7%
CVE-2024-32797 MEDIUM This Month

Missing Authorization vulnerability in Martin Gibson WP LinkedIn Auto Publish.11. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-24716 MEDIUM This Month

Missing Authorization vulnerability in Awesome Support Team Awesome Support.1.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Awesome Support
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-32725 MEDIUM This Month

Missing Authorization vulnerability in Saleswonder Team: Tobias 5 Stars Rating Funnel 5-stars-rating-funnel.2.67. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-35748 MEDIUM This Month

Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.0.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Woocommerce Dropshipping
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32727 MEDIUM This Month

Missing Authorization vulnerability in Rometheme RomethemeForm For Elementor.1.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32820 MEDIUM This Month

Missing Authorization vulnerability in Social Share Pro Social Share Icons & Social Share Buttons.6.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32814 MEDIUM This Month

Missing Authorization vulnerability in Zorem Advanced Local Pickup for WooCommerce.6.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32813 MEDIUM This Month

Missing Authorization vulnerability in SoftLab Integrate Google Drive.3.9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Google
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32811 MEDIUM This Month

Insertion of Sensitive Information into Log File vulnerability in Octolize USPS Shipping for WooCommerce - Live Rates.9.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-32798 MEDIUM This Month

Missing Authorization vulnerability in WP Travel Engine.8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wp Travel Engine
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32779 MEDIUM This Month

Missing Authorization vulnerability in Avirtum Vision Interactive.7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-31274 MEDIUM This Month

Missing Authorization vulnerability in WPDeveloper EmbedPress.9.11. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Embedpress
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-37535 MEDIUM This Month

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via a window resize escape sequence, a related issue to CVE-2000-0476. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-31261 MEDIUM This Month

Missing Authorization vulnerability in Aakash Chakravarthy Announcer - Notification & message bars.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Announcer
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-32701 MEDIUM This Month

Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect.1.0.24. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31359 MEDIUM This Month

Missing Authorization vulnerability in Premmerce Premmerce Product Filter for WooCommerce premmerce-woocommerce-product-filter.7.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-33572 MEDIUM This Month

Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor.2.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-32784 MEDIUM This Month

Missing Authorization vulnerability in CookieHub.1.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-32792 MEDIUM This Month

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.7.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-31347 MEDIUM This Month

Missing Authorization vulnerability in Data443 Tracking Code Manager.1.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-32821 MEDIUM This Month

Missing Authorization vulnerability in TotalSuite Total Poll Lite.9.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-32804 MEDIUM This Month

Missing Authorization vulnerability in Martin Gibson WP GoToWebinar.46. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-32787 MEDIUM This Month

Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.7.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-32783 MEDIUM This Month

Missing Authorization vulnerability in wpcreativeidea Advanced Testimonial Carousel for Elementor.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-33564 MEDIUM This Month

Missing Authorization vulnerability in 8theme XStore.3.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xstore
NVD
CVSS 3.1
4.3
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy