| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Swiss Toolkit For WP: from n/a through 1.3.0. |
| Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through 1.0.9. |
| The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions() function in versions 8.6.5 to 8.7.5. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. |
| Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPCargo Track & Trace: from n/a through 7.0.6. |
| Missing Authorization vulnerability in softpulseinfotech SP Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SP Blog Designer: from n/a through 1.0.0. |
| Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ads by WPQuads: from n/a through 2.0.87.1. |
| Missing Authorization vulnerability in wokamoto StaticPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects StaticPress: from n/a through 0.4.5. |
| Missing Authorization vulnerability in Oliver Boyers Pin Generator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Pin Generator: from n/a through 2.0.0. |
| Missing Authorization vulnerability in WebProtect.ai Astra Security Suite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Astra Security Suite: from n/a through 0.2. |
| Missing Authorization vulnerability in ahmadshyk Gift Cards for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Gift Cards for WooCommerce: from n/a through 1.5.8. |
| Missing Authorization vulnerability in KingAddons.com King Addons for Elementor. This issue affects King Addons for Elementor: from n/a through 24.12.58. |
| Missing Authorization vulnerability in Travis Simple Icons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Icons: from n/a through 2.8.4. |
| Missing Authorization vulnerability in cedcommerce Ship Per Product allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Ship Per Product: from n/a through 2.1.0. |
| Missing Authorization vulnerability in Zoho Flow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zoho Flow: from n/a through 2.13.3. |
| Missing Authorization vulnerability in PickPlugins Job Board Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Job Board Manager: from n/a through 2.1.60. |
| Missing Authorization vulnerability in WPFactory WordPress Adverts Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Adverts Plugin: from n/a through 1.4. |
| Missing Authorization vulnerability in pietro Mobile App Canvas allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Mobile App Canvas: from n/a through 3.8.1. |
| Missing Authorization vulnerability in WPWebinarSystem WebinarPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WebinarPress: from n/a through 1.33.27. |
| Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Generator for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Barcode Generator for WooCommerce: from n/a through 2.0.4. |
| Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Automatic Featured Images from Videos: from n/a through 1.2.4. |
