Missing Authorization vulnerability in KaizenCoders Short URL allows Exploiting Incorrectly Configured Access Control Security Levels.6.8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words allows Exploiting Incorrectly Configured Access Control Security Levels.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.1.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in WP Royal Ashe Extra allows Exploiting Incorrectly Configured Access Control Security Levels.2.9. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in WebToffee WordPress Backup & Migration allows Exploiting Incorrectly Configured Access Control Security Levels.4.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Kishor Khambu WP Custom Widget area allows Exploiting Incorrectly Configured Access Control Security Levels.2.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in CreativeThemes Blocksy allows Cross Site Request Forgery.0.22. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in MBE Worldwide S.p.A. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in PressTigers Simple Job Board allows Exploiting Incorrectly Configured Access Control Security Levels.10.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in GiveWP GiveWP allows Exploiting Incorrectly Configured Access Control Security Levels.33.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in JoomUnited WP Table Manager allows Exploiting Incorrectly Configured Access Control Security Levels.5.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in WPDO DoLogin Security allows Exploiting Incorrectly Configured Access Control Security Levels.7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in YITH YITH WooCommerce Product Add-Ons allows Exploiting Incorrectly Configured Access Control Security Levels.2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in CoCart Headless, LLC CoCart - Headless ecommerce allows Exploiting Incorrectly Configured Access Control Security Levels.11.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in AtomChat AtomChat allows Exploiting Incorrectly Configured Access Control Security Levels.1.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Porto Theme Porto Theme - Functionality allows Exploiting Incorrectly Configured Access Control Security Levels.12.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.4.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in QunatumCloud Floating Action Buttons allows Accessing Functionality Not Properly Constrained by ACLs.9.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Seers Seers allows Exploiting Incorrectly Configured Access Control Security Levels.1.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Saurav Sharma Generate Dummy Posts allows Exploiting Incorrectly Configured Access Control Security Levels.0.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Ruslan Suhar Convertful - Your Ultimate On-Site Conversion Tool allows Exploiting Incorrectly Configured Access Control Security Levels.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in websoudan MW WP Form allows Exploiting Incorrectly Configured Access Control Security Levels.4.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Kali Forms Contact Form builder with drag & drop - Kali Forms allows Exploiting Incorrectly Configured Access Control Security Levels.3.27. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in nofearinc DX Delete Attached Media allows Exploiting Incorrectly Configured Access Control Security Levels.0.5.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels.7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in CodePeople Appointment Hour Booking allows Exploiting Incorrectly Configured Access Control Security Levels.4.23. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in AWSM Innovations WP Job Openings allows Exploiting Incorrectly Configured Access Control Security Levels.4.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Schema App Schema App Structured Data allows Exploiting Incorrectly Configured Access Control Security Levels.23.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder allows Exploiting Incorrectly Configured Access Control Security Levels.4.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass by Primary Weakness vulnerability in yourownprogrammer YOP Poll allows Authentication Bypass.5.28. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.6.10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Webdeclic WPMasterToolKit allows Path Traversal.13.1. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.6.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in JS Morisset WPSSO Core allows Exploiting Incorrectly Configured Access Control Security Levels.18.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.9.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows Exploiting Incorrectly Configured Access Control Security Levels.7.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in wp-buy Visitors Traffic Real Time Statistics allows Exploiting Incorrectly Configured Access Control Security Levels.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Blog allows Cross Site Request Forgery.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Creativthemes Point allows Cross Site Request Forgery.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in WowStore Team ProductX - Gutenberg WooCommerce Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.7.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Rara Business allows Cross Site Request Forgery.2.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Vilva allows Cross Site Request Forgery.2.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Apollo13Themes Rife Free allows Cross Site Request Forgery.4.18. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Marsian allows Cross Site Request Forgery.0.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Marsian i-amaze allows Cross Site Request Forgery.3.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop Schema Lite allows Cross Site Request Forgery.2.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Automattic WP Job Manager - Resume Manager allows Cross Site Request Forgery.1.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in FS-code FS Poster allows Cross Site Request Forgery.5.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search.69.234. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Event Espresso Event Espresso 4 Decaf allows Cross Site Request Forgery.0.28.decaf. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.