Skip to main content
CVE-2024-9067 MEDIUM This Month

The Youzify - BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Youzify
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-45130 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Commerce B2b Magento
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-45129 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Privilege Escalation Commerce Commerce B2b +1
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-45125 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Commerce B2b Magento
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-45122 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Commerce B2b Magento
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-45121 MEDIUM PATCH This Month

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Commerce B2b Magento
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-8477 MEDIUM PATCH This Month

The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.87. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Newsletter Smtp Email Marketing And Subscribe
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-9685 MEDIUM PATCH This Month

The Notification for Telegram plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the 'nftb_test_action' function in versions up to, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress Notification For Telegram
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-45120 LOW PATCH Monitor

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Adobe Commerce Commerce B2b Magento
NVD
CVSS 3.1
3.1
EPSS
0.4%
CVE-2024-45149 LOW PATCH Monitor

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Commerce B2b Magento
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2024-45135 LOW PATCH Monitor

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Commerce Commerce B2b Magento
NVD
CVSS 3.1
2.7
EPSS
0.6%
CVE-2024-45134 LOW PATCH Monitor

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Information Disclosure Commerce Commerce B2b Magento
NVD
CVSS 3.1
2.7
EPSS
0.6%
CVE-2024-45133 LOW PATCH Monitor

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Information Disclosure Commerce Commerce B2b +1
NVD
CVSS 3.1
2.7
EPSS
0.6%
CVE-2024-47869 LOW PATCH Monitor

Gradio is an open-source Python package designed for quick prototyping. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Python Gradio
NVD GitHub
CVSS 4.0
2.3
EPSS
0.3%
CVE-2024-47168 LOW PATCH Monitor

Gradio is an open-source Python package designed for quick prototyping. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Python Information Disclosure Gradio
NVD GitHub
CVSS 4.0
2.3
EPSS
0.3%
CVE-2024-47166 LOW PATCH Monitor

Gradio is an open-source Python package designed for quick prototyping. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Python Gradio
NVD GitHub
CVSS 4.0
2.3
EPSS
0.4%
CVE-2024-47164 LOW PATCH Monitor

Gradio is an open-source Python package designed for quick prototyping. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal Python Gradio
NVD GitHub
CVSS 4.0
2.3
EPSS
0.7%
CVE-2024-47867 LOW PATCH Monitor

Gradio is an open-source Python package designed for quick prototyping. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Python Information Disclosure Gradio
NVD GitHub
CVSS 4.0
2.1
EPSS
0.2%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy