Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-264
Total 5466 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38104 1 Oxilab 1 Accordions 2024-11-21 N/A 7.2 HIGH
Auth. WordPress Options Change (siteurl, users_can_register, default_role, admin_email and new_admin_email) vulnerability in Biplob Adhikari's Accordions – Multiple Accordions or FAQs Builder plugin (versions <= 2.0.3 on WordPress.
CVE-2022-38070 1 Mypopups 1 Pop-up 2024-11-21 N/A 5.4 MEDIUM
Privilege Escalation (subscriber+) vulnerability in Pop-up plugin <= 1.1.5 at WordPress.
CVE-2022-38067 1 Total-soft 1 Event Calendar 2024-11-21 N/A 6.5 MEDIUM
Unauthenticated Event Deletion vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress.
CVE-2022-38058 1 Wpvar 1 Wp Shamsi 2024-11-21 N/A 4.3 MEDIUM
Authenticated (subscriber+) Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress.
CVE-2022-37344 1 Accommodation-system Project 1 Accommodation-system 2024-11-21 N/A 7.6 HIGH
Missing Access Control vulnerability in PHP Crafts Accommodation System plugin <= 1.0.1 at WordPress.
CVE-2022-36793 1 Wp-shop 1 Wp Shop 2024-11-21 N/A 6.5 MEDIUM
Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities in WP Shop plugin <= 3.9.6 at WordPress.
CVE-2022-36427 1 About-rentals Project 1 About-rentals 2024-11-21 N/A 7.3 HIGH
Missing Access Control vulnerability in About Rentals. Inc. About Rentals plugin <= 1.5 at WordPress.
CVE-2022-36425 1 Fastlinemedia 1 Beaver Builder 2024-11-21 N/A 5.4 MEDIUM
Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress.
CVE-2022-36387 1 About-me Project 1 About-me 2024-11-21 N/A 7.6 HIGH
Broken Access Control vulnerability in Alessio Caiazza's About Me plugin <= 1.0.12 at WordPress.
CVE-2022-36375 1 Oxilab 1 Responsive Tabs 2024-11-21 N/A 7.2 HIGH
Authenticated (high role user) WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin <= 3.6.0 at WordPress.
CVE-2022-35242 1 59sec 1 The Leads Management System\ 2024-11-21 N/A 6.5 MEDIUM
Unauthenticated plugin settings change vulnerability in 59sec THE Leads Management System: 59sec LITE plugin <= 3.4.1 at WordPress.
CVE-2022-35238 1 Brinidesigner 1 Awesome Filterable Portfolio 2024-11-21 N/A 6.5 MEDIUM
Unauthenticated Plugin Settings Change vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress.
CVE-2022-34868 1 Yookassa 1 Yukassa For Woocommerce 2024-11-21 N/A 8.8 HIGH
Authenticated Arbitrary Settings Update vulnerability in YooMoney ЮKassa для WooCommerce plugin <= 2.3.0 at WordPress.
CVE-2022-34487 1 Oxilab 1 Shortcode Addons 2024-11-21 N/A 9.8 CRITICAL
Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress.
CVE-2022-34149 1 Miniorange 1 Wp Oauth Server 2024-11-21 N/A 9.8 CRITICAL
Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.
CVE-2022-33970 1 Oxilab 1 Shortcode Addons 2024-11-21 N/A 7.2 HIGH
Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress.
CVE-2022-33969 1 Oxilab 1 Flipbox 2024-11-21 N/A 7.2 HIGH
Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin <= 2.6.0 at WordPress.
CVE-2022-33198 1 Oxilab 1 Accordions 2024-11-21 N/A 9.8 CRITICAL
Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress.
CVE-2022-29444 1 Cloudways 1 Breeze 2024-11-21 3.5 LOW 6.5 MEDIUM
Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability in Cloudways Breeze plugin <= 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wp_ajax_* actions in the class Breeze_Configuration which includes the ability to change any of the plugin's settings including CDN setting which could be further used for XSS attack.
CVE-2022-29423 1 Edmonsoft 1 Countdown Builder 2024-11-21 7.5 HIGH 3.8 LOW
Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress.