Skip to main content
CVE-2024-47362 MEDIUM This Month

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials.1.16. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2024-47317 MEDIUM This Month

Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded.0.84. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2024-43973 MEDIUM This Month

Missing Authorization vulnerability in Stiofan GetPaid invoicing allows Exploiting Incorrectly Configured Access Control Security Levels.8.11. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-43136 MEDIUM This Month

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.2.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-44031 MEDIUM This Month

Missing Authorization vulnerability in beardev JoomSport joomsport-sports-league-results-management.6.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-47318 MEDIUM This Month

Missing Authorization vulnerability in Magazine3 PWA for WP & AMP pwa-for-wp.7.72. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-48045 MEDIUM This Month

Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.12.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Elementor
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-44006 MEDIUM This Month

Missing Authorization vulnerability in Amir Helzer WooCommerce Multilingual & Multicurrency woocommerce-multilingual.3.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-43254 MEDIUM This Month

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.5.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-44052 MEDIUM This Month

Missing Authorization vulnerability in HelloAsso HelloAsso helloasso.1.10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-48039 MEDIUM This Month

Missing Authorization vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Exploiting Incorrectly Configured Access Control Security Levels.1.15. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-44020 MEDIUM This Month

Missing Authorization vulnerability in prasadkirpekar WP Free SSL - Free SSL Certificate for WordPress and force HTTPS wp-free-ssl.2.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-37482 MEDIUM This Month

Missing Authorization vulnerability in RadiusTheme The Post Grid the-post-grid.7.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-43208 MEDIUM This Month

Missing Authorization vulnerability in Matt Miller Send Emails with Mandrill send-emails-with-mandrill allows Exploiting Incorrectly Configured Access Control Security Levels.4.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-38714 MEDIUM This Month

Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search.68.232. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-43118 MEDIUM This Month

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.9.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-37440 MEDIUM This Month

Missing Authorization vulnerability in andy_moyle Church Admin church-admin.4.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-43229 MEDIUM This Month

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics search-analytics.4.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-43937 MEDIUM This Month

Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.1.10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Wp Crowdfunding
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-43215 MEDIUM This Month

Missing Authorization vulnerability in creativemotion Social Slider Feed allows Exploiting Incorrectly Configured Access Control Security Levels.2.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-43157 MEDIUM This Month

Missing Authorization vulnerability in nCrafts FormCraft allows Exploiting Incorrectly Configured Access Control Security Levels.2.10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-43154 MEDIUM This Month

Missing Authorization vulnerability in BracketSpace Advanced Cron Manager allows Exploiting Incorrectly Configured Access Control Security Levels.5.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-43134 MEDIUM This Month

Missing Authorization vulnerability in xootix Waitlist Woocommerce ( Back in stock notifier ) allows Exploiting Incorrectly Configured Access Control Security Levels.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-43119 MEDIUM This Month

Missing Authorization vulnerability in Aruba.It Aruba HiSpeed Cache allows Exploiting Incorrectly Configured Access Control Security Levels.0.12. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Aruba
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-38727 MEDIUM This Month

Missing Authorization vulnerability in Seraphinite Solutions Seraphinite Post .DOCX Source allows Exploiting Incorrectly Configured Access Control Security Levels.DOCX Source: from n/a through 2.16.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-38719 MEDIUM This Month

Missing Authorization vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail) allows Exploiting Incorrectly Configured Access Control Security Levels.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-38695 MEDIUM This Month

Missing Authorization vulnerability in Martin Gibson WP GoToWebinar allows Exploiting Incorrectly Configured Access Control Security Levels.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-37443 MEDIUM This Month

Missing Authorization vulnerability in Automattic WP Job Manager - Resume Manager allows Exploiting Incorrectly Configured Access Control Security Levels.1.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-37254 MEDIUM This Month

Missing Authorization vulnerability in mndpsingh287 File Manager allows Exploiting Incorrectly Configured Access Control Security Levels.2.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-37249 MEDIUM This Month

Missing Authorization vulnerability in WPEngine Inc. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-37218 MEDIUM This Month

Missing Authorization vulnerability in WordPress Page Builder Sandwich Team Page Builder Sandwich - Front-End Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.1.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-37204 MEDIUM This Month

Missing Authorization vulnerability in PropertyHive PropertyHive allows Exploiting Incorrectly Configured Access Control Security Levels.0.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Propertyhive
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-37203 MEDIUM This Month

Missing Authorization vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.3.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-37201 MEDIUM This Month

Missing Authorization vulnerability in javmah Woocommerce Customers Order History allows Exploiting Incorrectly Configured Access Control Security Levels.2.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-37096 MEDIUM This Month

Missing Authorization vulnerability in Popup Box Team Popup allows Exploiting Incorrectly Configured Access Control Security Levels.5.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-37095 MEDIUM This Month

Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.8.7.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-39639 LOW Monitor

Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting Incorrectly Configured Access Control Security Levels.24.7. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress CSRF File Upload Wordpress File Upload
NVD
CVSS 3.1
3.5
EPSS
0.2%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy