Total
5125 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24448 | 1 Jenkins | 1 Rabbitmq Consumer | 2025-04-02 | N/A | 6.5 MEDIUM |
| A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password. | |||||
| CVE-2023-24438 | 1 Jenkins | 1 Jira Pipeline Steps | 2025-04-02 | N/A | 6.5 MEDIUM |
| A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2023-24436 | 1 Jenkins | 1 Github Pull Request Builder | 2025-04-02 | N/A | 4.3 MEDIUM |
| A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | |||||
| CVE-2023-24435 | 1 Jenkins | 1 Github Pull Request Builder | 2025-04-02 | N/A | 6.5 MEDIUM |
| A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2023-24433 | 1 Jenkins | 1 Orka By Macstadium | 2025-04-02 | N/A | 6.5 MEDIUM |
| Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2025-27666 | 1 Printerlogic | 2 Vasion Print, Virtual Appliance | 2025-04-01 | N/A | 9.8 CRITICAL |
| Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Authorization Checks OVE-20230524-0010. | |||||
| CVE-2025-31555 | 2025-04-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in ContentMX ContentMX Content Publisher allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ContentMX Content Publisher: from n/a through 1.0.6. | |||||
| CVE-2025-31539 | 2025-04-01 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cryptocurrency Widgets Pack: from n/a through 2.0.1. | |||||
| CVE-2025-31576 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Gagan Deep Singh PostmarkApp Email Integrator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PostmarkApp Email Integrator: from n/a through 2.4. | |||||
| CVE-2025-31606 | 2025-04-01 | N/A | 4.8 MEDIUM | ||
| Missing Authorization vulnerability in softpulseinfotech SP Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SP Blog Designer: from n/a through 1.0.0. | |||||
| CVE-2025-31596 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Chatwee Chat by Chatwee allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Chat by Chatwee: from n/a through 2.1.3. | |||||
| CVE-2025-31544 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Swiss Toolkit For WP: from n/a through 1.3.0. | |||||
| CVE-2025-31611 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Shaharia Azam Auto Post After Image Upload allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Post After Image Upload: from n/a through 1.6. | |||||
| CVE-2025-31609 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPCargo Track & Trace: from n/a through 7.0.6. | |||||
| CVE-2025-2266 | 2025-04-01 | N/A | 9.8 CRITICAL | ||
| The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions() function in versions 8.6.5 to 8.7.5. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | |||||
| CVE-2025-31603 | 2025-04-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in moshensky CF7 Spreadsheets allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 Spreadsheets: from n/a through 2.3.2. | |||||
| CVE-2025-31528 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in wokamoto StaticPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects StaticPress: from n/a through 0.4.5. | |||||
| CVE-2025-31417 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Docs: from n/a through n/a. | |||||
| CVE-2025-31529 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Rashid Slider Path for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Slider Path for Elementor: from n/a through 3.0.0. | |||||
| CVE-2025-31546 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Swiss Toolkit For WP: from n/a through 1.3.0. | |||||