Total
2747 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-32713 | 1 Autowriter | 1 Ai Post Generator \| Autowriter | 2024-06-12 | N/A | 8.8 HIGH |
| Missing Authorization vulnerability in AutoWriter AI Post Generator | AutoWriter.This issue affects AI Post Generator | AutoWriter: from n/a through 3.3. | |||||
| CVE-2024-31275 | 1 Metagauss | 1 Eventprime | 2024-06-12 | N/A | 9.8 CRITICAL |
| Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.4. | |||||
| CVE-2024-31276 | 1 Wpfactory | 1 Products\, Order \& Customers Export For Woocommerce | 2024-06-12 | N/A | 9.8 CRITICAL |
| Missing Authorization vulnerability in WPFactory Products, Order & Customers Export for WooCommerce.This issue affects Products, Order & Customers Export for WooCommerce: from n/a through 2.0.8. | |||||
| CVE-2024-31283 | 1 Zorem | 1 Advanced Local Pickup For Woocommerce | 2024-06-12 | N/A | 9.8 CRITICAL |
| Missing Authorization vulnerability in zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a through 1.6.2. | |||||
| CVE-2024-31284 | 1 Wpdeveloper | 1 Embedpress | 2024-06-12 | N/A | 9.8 CRITICAL |
| Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.8. | |||||
| CVE-2024-31304 | 1 Multivendorx | 1 Multivendorx | 2024-06-12 | N/A | 8.8 HIGH |
| Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a through 4.1.3. | |||||
| CVE-2024-32081 | 1 Websupporter Filter Custom Fields \& Taxonomies Light Project | 1 Websupporter Filter Custom Fields \& Taxonomies Light | 2024-06-12 | N/A | 8.8 HIGH |
| Missing Authorization vulnerability in Websupporter Filter Custom Fields & Taxonomies Light.This issue affects Filter Custom Fields & Taxonomies Light: from n/a through 1.05. | |||||
| CVE-2024-34802 | 1 Wpfoxly | 1 Adfoxly | 2024-06-12 | N/A | 9.8 CRITICAL |
| Missing Authorization vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt.This issue affects AdFoxly – Ad Manager, AdSense Ads & Ads.Txt: from n/a through 1.8.5. | |||||
| CVE-2024-35661 | 1 Softlabbd | 1 Upload Fields For Wpforms | 2024-06-12 | N/A | 9.8 CRITICAL |
| Missing Authorization vulnerability in SoftLab Upload Fields for WPForms.This issue affects Upload Fields for WPForms: from n/a through 1.0.2. | |||||
| CVE-2024-35662 | 1 83pixel | 1 Simple Cod Fees For Woocommerce | 2024-06-12 | N/A | 8.8 HIGH |
| Missing Authorization vulnerability in Andreas Sofantzis Simple COD Fees for WooCommerce.This issue affects Simple COD Fees for WooCommerce: from n/a through 2.0.2. | |||||
| CVE-2024-35748 | 1 Opmc | 1 Woocommerce Dropshipping | 2024-06-12 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.This issue affects WooCommerce Dropshipping: from n/a through 5.0.4. | |||||
| CVE-2024-5382 | 1 Master-addons | 1 Master Addons | 2024-06-11 | N/A | 5.3 MEDIUM |
| The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ma-template' REST API route in all versions up to, and including, 2.0.6.1. This makes it possible for unauthenticated attackers to create or modify existing Master Addons templates or make settings modifications related to these templates. | |||||
| CVE-2024-5489 | 1 Wbcomdesigns | 1 Custom Font Uploader | 2024-06-11 | N/A | 4.3 MEDIUM |
| The Wbcom Designs – Custom Font Uploader plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cfu_delete_customfont' function in all versions up to, and including, 2.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete any custom font. | |||||
| CVE-2024-5665 | 1 Xootix | 1 Login\/signup Popup | 2024-06-11 | N/A | 4.3 MEDIUM |
| The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘export_settings’ function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read arbitrary options on affected sites. | |||||
| CVE-2024-5453 | 1 Metagauss | 1 Profilegrid | 2024-06-11 | N/A | 4.3 MEDIUM |
| The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_dismissible_notice and pm_wizard_update_group_icon functions in all versions up to, and including, 5.8.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options to the value '1' or change group icons. | |||||
| CVE-2024-4088 | 1 Wpattire | 1 Attire Blocks | 2024-06-11 | N/A | 4.3 MEDIUM |
| The Gutenberg Blocks and Page Layouts – Attire Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disable_fe_assets function in all versions up to, and including, 1.9.2. This makes it possible for authenticated attackers, with subscriber access or above, to change the plugin's settings. Additionally, no nonce check is performed resulting in a CSRF vulnerability. | |||||
| CVE-2024-30525 | 1 Moveaddons | 1 Move Addons For Elementor | 2024-06-11 | N/A | 7.3 HIGH |
| Missing Authorization vulnerability in moveaddons Move Addons for Elementor.This issue affects Move Addons for Elementor: from n/a through 1.2.9. | |||||
| CVE-2024-30528 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-06-11 | N/A | 6.3 MEDIUM |
| Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar.This issue affects Spiffy Calendar: from n/a through 4.9.10. | |||||
| CVE-2024-30484 | 1 Risethemes | 1 Rt Easy Builder | 2024-06-11 | N/A | 8.8 HIGH |
| Missing Authorization vulnerability in RT Easy Builder – Advanced addons for Elementor.This issue affects RT Easy Builder – Advanced addons for Elementor: from n/a through 2.0. | |||||
| CVE-2024-34813 | 2024-06-11 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in MoreConvert MC Woocommerce Wishlist.This issue affects MC Woocommerce Wishlist: from n/a through 1.7.8. | |||||