Skip to main content
CVE-2024-12300 LOW Monitor

The AR for WordPress plugin for WordPress is vulnerable to unauthorized double extension file upload due to a missing capability check on the set_ar_featured_image() function in all versions up to,. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass WordPress PHP File Upload
NVD
CVSS 3.1
3.7
EPSS
0.4%
CVE-2023-41695 LOW Monitor

Missing Authorization vulnerability in Adnan Analytify wp-analytify allows Exploiting Incorrectly Configured Access Control Security Levels.1.0. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
3.5
EPSS
0.4%
CVE-2022-45819 LOW Monitor

Missing Authorization vulnerability in Daniel Iser Popup Maker popup-maker allows Exploiting Incorrectly Configured Access Control Security Levels.17.1. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy