Total
5660 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-24719 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Uriahs Victor Location Picker at Checkout for WooCommerce.This issue affects Location Picker at Checkout for WooCommerce: from n/a through 1.8.9. | |||||
| CVE-2024-24716 | 1 Getawesomesupport | 1 Awesome Support | 2024-11-21 | N/A | 5.4 MEDIUM |
| Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.6. | |||||
| CVE-2024-24711 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11. | |||||
| CVE-2024-24710 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in SlickRemix Feed Them Social.This issue affects Feed Them Social: from n/a through 4.2.0. | |||||
| CVE-2024-24704 | 1 Addonmaster | 1 Load More Anything | 2024-11-21 | N/A | 5.4 MEDIUM |
| Missing Authorization vulnerability in AddonMaster Load More Anything.This issue affects Load More Anything: from n/a through 3.3.3. | |||||
| CVE-2024-24703 | 2024-11-21 | N/A | 8.6 HIGH | ||
| Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a through 4.0.25. | |||||
| CVE-2024-23524 | 1 Ontraport | 1 Pilotpress | 2024-11-21 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in ONTRAPORT Inc. PilotPress.This issue affects PilotPress: from n/a through 2.0.30. | |||||
| CVE-2024-23521 | 1 Happyforms | 1 Happyforms | 2024-11-21 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in Happyforms.This issue affects Happyforms: from n/a through 1.25.10. | |||||
| CVE-2024-23518 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Navneil Naicker ACF Photo Gallery Field.This issue affects ACF Photo Gallery Field: from n/a through 2.6. | |||||
| CVE-2024-23504 | 1 Wpmanageninja | 1 Ninja Tables | 2024-11-21 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.5. | |||||
| CVE-2024-23503 | 1 Wpmanageninja | 1 Ninja Tables | 2024-11-21 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.6. | |||||
| CVE-2024-22296 | 1 Code4recovery | 1 12 Step Meeting List | 2024-11-21 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.28. | |||||
| CVE-2024-22156 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15. | |||||
| CVE-2024-21751 | 1 Yoginetwork | 1 Rabbitloader | 2024-11-21 | N/A | 5.4 MEDIUM |
| Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13. | |||||
| CVE-2024-21748 | 1 Icegram | 1 Icegram Express | 2024-11-21 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21. | |||||
| CVE-2024-21630 | 1 Zulip | 1 Zulip Server | 2024-11-21 | N/A | 4.3 MEDIUM |
| Zulip is an open-source team collaboration tool. A vulnerability in version 8.0 is similar to CVE-2023-32677, but applies to multi-use invitations, not single-use invitation links as in the prior CVE. Specifically, it applies when the installation has configured non-admins to be able to invite users and create multi-use invitations, and has also configured only admins to be able to invite users to streams. As in CVE-2023-32677, this does not let users invite new users to arbitrary streams, only to streams that the inviter can already see. Version 8.1 fixes this issue. As a workaround, administrators can limit sending of invitations down to users who also have the permission to add users to streams. | |||||
| CVE-2024-1955 | 1 Wprepublic | 1 Hide Dashboard Notifications | 2024-11-21 | N/A | 4.3 MEDIUM |
| The Hide Dashboard Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'warning_notices_settings' function in all versions up to, and including, 1.3. This makes it possible for authenticated attackers, with contributor access and above, to modify the plugin's settings. | |||||
| CVE-2024-1804 | 1 Themeum | 1 Tutor Lms - Migration Tool | 2024-11-21 | N/A | 4.3 MEDIUM |
| The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tutor_import_from_xml function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to import courses. | |||||
| CVE-2024-1798 | 1 Themeum | 1 Tutor Lms - Migration Tool | 2024-11-21 | N/A | 5.3 MEDIUM |
| The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the tutor_lp_export_xml function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to export courses, including private and password protected courses. | |||||
| CVE-2024-1689 | 1 Themefarmer | 1 Woocommerce Tools | 2024-11-21 | N/A | 5.3 MEDIUM |
| The WooCommerce Tools plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woocommerce_tool_toggle_module() function in all versions up to, and including, 1.2.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to deactivate arbitrary plugin modules. | |||||