Medium
CVE-2023-46644
Missing Authorization vulnerability in WP CTA PRO WordPress CTA allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress CTA: from n/a through 1.5.8.
Tag: Security Misconfiguration
All CVEs associated with "Security Misconfiguration". Page 26/50 • 5959 CVEs.
Subscribe CVEs: RSS for “Security Misconfiguration” · RSS (High+Critical only)
About “Security Misconfiguration”
A curated feed of “Security Misconfiguration”-related CVEs appears below. We currently track 5959 CVEs for this tag (all time). In the last 365 days, 2190 were published. Average CVSS is 5.9 (all time; 5.8 over 365d), and 26% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-862 - Missing Authorization, CWE-284 - Improper Access Control, CWE-266 - Incorrect Privilege Assignment.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-01-02
Medium
CVE-2023-46639
Missing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through 5.4.5.
Medium
CVE-2023-46637
Missing Authorization vulnerability in Saurav Sharma Generate Dummy Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Generate Dummy Posts: from n/a thr…
Medium
CVE-2023-46635
Missing Authorization vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue af…
Medium
CVE-2023-46633
Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2.
High
CVE-2023-46632
Missing Authorization vulnerability in David Cramer My Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Shortcodes: from n/a through 2.3.
Medium
CVE-2023-46631
Missing Authorization vulnerability in RevenueHunt Product Recommendation Quiz for eCommerce product-recommendation-quiz-for-ecommerce allows Exploiting Incorrectly Configured Access Control Security…
Medium
CVE-2023-46628
Missing Authorization vulnerability in RedLettuce Plugins WP Word Count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Word Count: from n/a through 3.2.…
Medium
CVE-2023-46616
Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15.
Medium
CVE-2023-46612
Missing Authorization vulnerability in codedraft Mediabay mediabay-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mediabay: from n/a through <= 1.6.
Medium
CVE-2023-46610
Missing Authorization vulnerability in Mohamed Magdy Quill Forms quillforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quill Forms: from n/a through <=…
Medium
CVE-2023-46609
Missing Authorization vulnerability in FeedFocal FeedFocal feedfocal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FeedFocal: from n/a through <= 1.2.2.
Medium
CVE-2023-46608
Missing Authorization vulnerability in WPDO DoLogin Security dologin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through <= 3…
Medium
CVE-2023-46607
Missing Authorization vulnerability in WP iCal Availability WP iCal Availability allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP iCal Availability: from…
Medium
CVE-2023-46606
Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through <= 1.1.4.
Medium
CVE-2023-46605
Missing Authorization vulnerability in Ruslan Suhar Convertful – Your Ultimate On-Site Conversion Tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conve…
Medium
CVE-2023-46309
Missing Authorization vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.10.
Medium
CVE-2023-46206
Missing Authorization vulnerability in Webの相談所 MW WP Form mw-wp-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MW WP Form: from n/a through <= 4.4.5.
Medium
CVE-2023-46203
Missing Authorization vulnerability in JustCoded / Alex Prokopenko Just Custom Fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Just Custom Fields: fr…
Medium
CVE-2023-46196
Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget allows Exploiting Incorrectly Configured Access Control Security L…
Medium
CVE-2023-46195
Missing Authorization vulnerability in CoSchedule Headline Analyzer headline-analyzer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Headline Analyzer: fro…
Medium
CVE-2023-46188
Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe…
Medium
CVE-2023-46083
Missing Authorization vulnerability in WP Chill Kali Forms kali-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kali Forms: from n/a through <= 2.3.27.
Medium
CVE-2023-46082
Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder broken-link-finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Li…
Medium
CVE-2023-46080
Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyO…
Medium
CVE-2023-46079
Missing Authorization vulnerability in WP Royal Ashe Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through 1.2.9.
Medium
CVE-2023-46073
Missing Authorization vulnerability in Mario Peshev DX Delete Attached Media dx-delete-attached-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DX Del…
Medium
CVE-2023-45828
Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe…
Medium
CVE-2023-45766
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 4.7.1.
Medium
CVE-2023-45765
Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through <= 1.12.6.
Medium
CVE-2023-45760
Missing Authorization vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.3.
Medium
CVE-2023-45649
Missing Authorization vulnerability in codepeople Appointment Hour Booking appointment-hour-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointm…
Medium
CVE-2023-45636
Missing Authorization vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPr…
Medium
CVE-2023-45631
Missing Authorization vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Image Gal…
Medium
CVE-2023-45275
Missing Authorization vulnerability in WP Chill Kali Forms kali-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kali Forms: from n/a through <= 2.3.28.
Medium
CVE-2023-45271
Missing Authorization vulnerability in WPXPO WowStore product-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowStore: from n/a through <= 2.7.8.
Medium
CVE-2023-45110
Missing Authorization vulnerability in boldthemes Bold Timeline Lite bold-timeline-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Timeline Lite:…
High
CVE-2023-45104
Missing Authorization vulnerability in WPDeveloper BetterLinks betterlinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through <=…
Medium
CVE-2023-45101
Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce customer-reviews-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects…
Medium
CVE-2023-45061
Missing Authorization vulnerability in awsm.in WP Job Openings wp-job-openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a thr…
Medium
CVE-2023-45045
Missing Authorization vulnerability in krozero WP Custom Widget area wp-custom-widget-area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget…
Medium
CVE-2023-45002
Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through 3.6.8.
Medium
CVE-2023-44988
Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: fr…
Medium
CVE-2023-44258
Missing Authorization vulnerability in vberkel Schema App Structured Data schema-app-structured-data-for-schemaorg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue a…
Medium
CVE-2024-13105
A vulnerability has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/form2Dhcpd.cgi of…
Medium
CVE-2024-13104
A vulnerability, which was classified as critical, was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. Affected is an unknown function of the file /goform/form2AdvanceSetup.cgi of the component Wi…
Medium
CVE-2024-13103
A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the…
Medium
CVE-2024-13102
A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manip…
2024-12-31
High
CVE-2024-56070
Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/…
Critical
CVE-2024-56066
Missing Authorization vulnerability in inspry Agency Toolkit agency-toolkit allows Privilege Escalation.This issue affects Agency Toolkit: from n/a through <= 1.0.23.
High
CVE-2024-56061
Missing Authorization vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Privilege Escalation.This issue affects RepairBuddy: from n/a through <= 3.8119.
Medium
CVE-2024-56002
Missing Authorization vulnerability in mightyforms Contact Form, Survey & Form Builder – MightyForms mightyforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff…
Medium
CVE-2024-55995
Missing Authorization vulnerability in Torod Company for Information Technology Torod torod allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Torod: from n/a…
Medium
CVE-2024-51667
Missing Authorization vulnerability in paytiumsupport Paytium paytium.This issue affects Paytium: from n/a through <= 4.4.10.
Medium
CVE-2024-49698
Missing Authorization vulnerability in PriceListo Best Restaurant Menu by PriceListo best-restaurant-menu-by-pricelisto.This issue affects Best Restaurant Menu by PriceListo: from n/a through <= 1.4.…
Medium
CVE-2024-49694
Missing Authorization vulnerability in imw3 My Wp Brand my-wp-brand.This issue affects My Wp Brand: from n/a through <= 1.1.2.
Medium
CVE-2024-49687
Missing Authorization vulnerability in storeapps Smart Manager smart-manager-for-wp-e-commerce.This issue affects Smart Manager: from n/a through <= 8.45.0.
Medium
CVE-2024-49686
Missing Authorization vulnerability in fatcatapps Landing Page Cat landing-page-cat.This issue affects Landing Page Cat: from n/a through <= 1.7.4.
High
CVE-2024-56067
Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/…
Medium
CVE-2024-56031
Missing Authorization vulnerability in Yulio Aleman Jimenez Smart Shopify Product smart-shopify-product allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smar…
Medium
CVE-2024-55991
Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a thro…
Medium
CVE-2023-50850
Missing Authorization vulnerability in Woo WooCommerce Subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Subscriptions: from n/a bef…
Medium
CVE-2023-48775
Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cleanfix: from n/a through 5.6.2.
Medium
CVE-2024-56234
Missing Authorization vulnerability in vowelweb VW Automobile Lite vw-automobile-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Automobile Lite: fr…
Medium
CVE-2024-56227
Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elemento…
Medium
CVE-2024-56225
Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Premium Addo…
Medium
CVE-2024-56219
Missing Authorization vulnerability in Marketing Fire Widget Options widget-options allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widget Options: from n/a…
Medium
CVE-2024-56217
Missing Authorization vulnerability in Shahjada Download Manager download-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Manager: from n/a…
Medium
CVE-2024-56215
Missing Authorization vulnerability in DBAR Productions Member Directory and Contact Form pta-member-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affec…
High
CVE-2024-56211
Missing Authorization vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through <= 5.1.9.
Medium
CVE-2024-13067
A vulnerability was found in CodeAstro Online Food Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/all_users.php of the component All Use…
2024-12-30
High
CVE-2024-13030
A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/S…
2024-12-28
Medium
CVE-2024-56512
Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process…
2024-12-27
High
CVE-2024-50945
An improper access control vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f, allowing users to submit reviews without verifying if they have purchased the prod…
2024-12-20
High
CVE-2024-37758
Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows authenticated attackers to escalate privileges.
Medium
CVE-2024-56349
In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs
Medium
CVE-2024-56348
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents
2024-12-18
Medium
CVE-2024-55232
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing aut…
Medium
CVE-2024-55231
An IDOR vulnerability in the edit-notes.php module of PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to modify notes belonging to other accounts due to missing autho…
High
CVE-2024-56048
Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through <= 1.9.9.
High
CVE-2024-54381
Missing Authorization vulnerability in Dotstore Advance Menu Manager advance-menu-manager.This issue affects Advance Menu Manager: from n/a through <= 3.1.1.
High
CVE-2024-56008
Missing Authorization vulnerability in spreadr Spreadr Woocommerce spreadr-for-woocomerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Spreadr Woocommerce: from…
Medium
CVE-2024-55997
Missing Authorization vulnerability in webchunky Order Delivery & Pickup Location Date Time order-delivery-pickup-location-date-time-free-version allows Exploiting Incorrectly Configured Access Contr…
Medium
CVE-2024-52485
Missing Authorization vulnerability in Yudiz Solutions Ltd. WP Menu Image wp-menu-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Menu Image: from…
2024-12-17
Medium
CVE-2024-12539
An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to docu…
2024-12-16
Medium
CVE-2024-56003
Missing Authorization vulnerability in David Cramer Caldera SMTP Mailer caldera-smtp-mailer.This issue affects Caldera SMTP Mailer: from n/a through <= 1.0.1.
Medium
CVE-2024-55999
Missing Authorization vulnerability in Marco Giannini XML Multilanguage Sitemap Generator xml-multilanguage-sitemap-generator.This issue affects XML Multilanguage Sitemap Generator: from n/a through…
Medium
CVE-2024-56009
Missing Authorization vulnerability in spreadr Spreadr Woocommerce spreadr-for-woocomerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Spreadr Woocommerce: from…
Medium
CVE-2024-56007
Missing Authorization vulnerability in leader codes Leader leader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leader: from n/a through <= 2.6.1.
Medium
CVE-2024-56004
Missing Authorization vulnerability in awfowler Easy Site Importer easy-site-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Site Importer: fr…
Medium
CVE-2024-56001
Missing Authorization vulnerability in ksher thailand Ksher ksher-payment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ksher: from n/a through <= 1.1.1.
Medium
CVE-2024-55998
Missing Authorization vulnerability in Eric Sloan Popup Surveys & Polls for WordPress (Mare.io) popup-surveys allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affect…
Medium
CVE-2024-55996
Missing Authorization vulnerability in dreamfox Dreamfox Media Payment gateway per Product for Woocommerce woocommerce-product-payments allows Exploiting Incorrectly Configured Access Control Securit…
Medium
CVE-2024-55994
Missing Authorization vulnerability in sohu 畅言评论系统 changyan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 畅言评论系统: from n/a through <= 2.0.5.
Medium
CVE-2024-55993
Missing Authorization vulnerability in PickPlugins Job Board Manager job-board-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Job Board Manager: fr…
Medium
CVE-2024-55992
Missing Authorization vulnerability in Open Tools WooCommerce Basic Ordernumbers woocommerce-basic-ordernumbers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe…
Medium
CVE-2024-54417
Missing Authorization vulnerability in pixelgrade PixProof pixproof allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PixProof: from n/a through <= 2.0.1.
Medium
CVE-2024-54402
Missing Authorization vulnerability in Mohamed Abd Elhalim Arabic Webfonts arabic-webfonts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Arabic Webfonts:…
Medium
CVE-2024-54384
Missing Authorization vulnerability in Anh Tran Falcon – WordPress Optimizations & Tweaks falcon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Falcon – Wo…
High
CVE-2024-54379
Missing Authorization vulnerability in blokhauswp Minterpress minterpress allows Privilege Escalation.This issue affects Minterpress: from n/a through <= 1.0.5.
High
CVE-2024-54378
Missing Authorization vulnerability in Quietly Quietly Insights quietly-insights allows Privilege Escalation.This issue affects Quietly Insights: from n/a through <= 1.2.2.
Critical
CVE-2024-54369
Missing Authorization vulnerability in ThemeHunk Zita Site Builder ai-site-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a throu…
High
CVE-2024-54359
Missing Authorization vulnerability in Saul Morales Pacheco Banner System banner-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Banner System: from…
Medium
CVE-2024-54354
Missing Authorization vulnerability in beat.k Termin-Kalender termin-kalender allows Stored XSS.This issue affects Termin-Kalender: from n/a through <= 0.99.47.
2024-12-13
Medium
CVE-2024-12553
GeoVision GV-ASManager Missing Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of GeoVision…
Medium
CVE-2024-54326
Missing Authorization vulnerability in Eyal Fitoussi GEO my WordPress geo-my-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GEO my WordPress: from n/a t…
Medium
CVE-2024-54323
Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n…
Medium
CVE-2024-54311
Missing Authorization vulnerability in i.lychkov Mark New Posts mark-new-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark New Posts: from n/a thro…
Medium
CVE-2024-54310
Missing Authorization vulnerability in Aslam Khan Gouran Gou Manage My Account Menu gou-wc-account-tabs allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Gou Manage M…
Medium
CVE-2024-54298
Missing Authorization vulnerability in sminozzi Car Dealer cardealer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Dealer: from n/a through <= 4.46.
Medium
CVE-2024-54289
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from…
Medium
CVE-2024-54278
Missing Authorization vulnerability in Plugin Devs News Ticker for Elementor news-ticker-for-elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects News Ticker f…
Medium
CVE-2024-54271
Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from…
Medium
CVE-2024-54268
Missing Authorization vulnerability in Greg - SiteOrigin SiteOrigin Widgets Bundle so-widgets-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteOri…
Medium
CVE-2024-54267
Missing Authorization vulnerability in CreativeMindsSolutions CM Answers cm-answers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Answers: from n/a thr…
High
CVE-2024-54256
Missing Authorization vulnerability in Seerox Easy Blocks pro easy-blocks-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Easy Blocks pro: from n/a through <= 1…
Medium
CVE-2024-54252
Missing Authorization vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pinpoint Booking Sy…
Medium
CVE-2024-54242
Missing Authorization vulnerability in appsbd Simple Notification simple-notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Notification: f…
Medium
CVE-2024-54241
Missing Authorization vulnerability in Appsbd Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification allows Exploiting Incorrectly Configured Access Control Security Levels.T…
Critical
CVE-2024-54239
Missing Authorization vulnerability in dugudlabs Eyewear prescription form eyewear-prescription-form allows Privilege Escalation.This issue affects Eyewear prescription form: from n/a through <= 4.0.…