Total
2747 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27607 | 2024-04-11 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce.This issue affects Points and Rewards for WooCommerce: from n/a through 1.5.0. | |||||
| CVE-2023-51672 | 2024-04-11 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3. | |||||
| CVE-2022-47604 | 2024-04-11 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in junkcoder, ristoniinemets AJAX Thumbnail Rebuild.This issue affects AJAX Thumbnail Rebuild: from n/a through 1.13. | |||||
| CVE-2024-31297 | 2024-04-10 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in WPExperts Wholesale For WooCommerce.This issue affects Wholesale For WooCommerce: from n/a through 2.3.0. | |||||
| CVE-2024-31230 | 2024-04-10 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images.This issue affects ShortPixel Adaptive Images: from n/a through 3.8.2. | |||||
| CVE-2024-31342 | 2024-04-10 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in WPcloudgallery WordPress Gallery Exporter.This issue affects WordPress Gallery Exporter: from n/a through 1.3. | |||||
| CVE-2024-31358 | 2024-04-10 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Saleswonder.Biz 5 Stars Rating Funnel.This issue affects 5 Stars Rating Funnel: from n/a through 1.2.67. | |||||
| CVE-2024-31343 | 2024-04-10 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 4.10.1. | |||||
| CVE-2024-31242 | 2024-04-10 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a through 2.0.17. | |||||
| CVE-2024-31366 | 2024-04-09 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in Themify Post Type Builder (PTB).This issue affects Post Type Builder (PTB): from n/a through 2.0.8. | |||||
| CVE-2024-30216 | 2024-04-09 | N/A | 4.3 MEDIUM | ||
| Cash Management in SAP S/4 HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, attacker can add notes in the review request with 'completed' status affecting the integrity of the application. Confidentiality and Availability are not impacted. | |||||
| CVE-2024-30217 | 2024-04-09 | N/A | 4.3 MEDIUM | ||
| Cash Management in SAP S/4 HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can approve or reject a bank account application affecting the integrity of the application. Confidentiality and Availability are not impacted. | |||||
| CVE-2024-31367 | 2024-04-09 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2. | |||||
| CVE-2024-28167 | 2024-04-09 | N/A | 6.5 MEDIUM | ||
| SAP Group Reporting Data Collection does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, specific data can be changed via the Enter Package Data app although the user does not have sufficient authorization causing high impact on Integrity of the appliction. | |||||
| CVE-2024-31368 | 2024-04-09 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2. | |||||
| CVE-2024-27910 | 2024-04-08 | N/A | 5.3 MEDIUM | ||
| A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to reboot the printer without authentication. | |||||
| CVE-2024-27911 | 2024-04-08 | N/A | 7.5 HIGH | ||
| A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password. | |||||
| CVE-2024-31375 | 2024-04-08 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Saleswonder.Biz Team WP2LEADS.This issue affects WP2LEADS: from n/a through 3.2.7. | |||||
| CVE-2024-0394 | 2024-04-03 | N/A | 7.8 HIGH | ||
| Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege. The vulnerability is caused by the product's implementation of OpenSSL's`OPENSSLDIR` parameter where it is set to a path accessible to low-privileged users. The vulnerability has been remediated and fixed in version 4.5.5. | |||||
| CVE-2024-30477 | 2024-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Klarna Klarna Payments for WooCommerce.This issue affects Klarna Payments for WooCommerce: from n/a through 3.2.4. | |||||