Medium
CVE-2022-45806
Missing Authorization vulnerability in Strategy11 Form Builder Team Formidable Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formidable Forms: from…
Tag: Security Misconfiguration
All CVEs associated with "Security Misconfiguration". Page 28/50 • 5959 CVEs.
Subscribe CVEs: RSS for “Security Misconfiguration” · RSS (High+Critical only)
About “Security Misconfiguration”
A curated feed of “Security Misconfiguration”-related CVEs appears below. We currently track 5959 CVEs for this tag (all time). In the last 365 days, 2190 were published. Average CVSS is 5.9 (all time; 5.8 over 365d), and 26% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-862 - Missing Authorization, CWE-284 - Improper Access Control, CWE-266 - Incorrect Privilege Assignment.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2024-12-13
Medium
CVE-2022-44578
Missing Authorization vulnerability in Pierre JEHAN Owl Carousel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Owl Carousel: from n/a through 0.5.3.
Medium
CVE-2022-43472
Missing Authorization vulnerability in StylemixThemes eRoom – Zoom Meetings & Webinar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eRoom – Zoom Meetings…
High
CVE-2024-10783
The MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites plugin for WordPress is vulnerable to privilege escalation due to a missing authorization checks on the register_…
2024-12-12
Medium
CVE-2024-54103
Vulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Medium
CVE-2024-54100
Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Medium
CVE-2024-54096
Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.
Medium
CVE-2024-12018
The Snippet Shortcodes plugin for WordPress is vulnerable to unauthorized Shortcode Deletion due to missing authorization in all versions up to, and including, 4.1.6. Note that a nonce is used as aut…
2024-12-11
Medium
CVE-2024-54269
Missing Authorization vulnerability in Ninja Team Notibar notibar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notibar: from n/a through <= 2.1.4.
2024-12-10
Medium
CVE-2024-43717
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage…
Medium
CVE-2024-43716
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage…
Medium
CVE-2024-54038
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this…
Medium
CVE-2024-53243
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versions below 3.2.462, 3.7.18, and 3.8.5 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does no…
2024-12-09
High
CVE-2024-46547
A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3.2.6) where unauthorized users could access sensitive information due to improper access control valida…
High
CVE-2024-53450
RAGFlow 0.13.0 suffers from improper access control in document-hooks.ts, allowing unauthorized access to user documents.
Medium
CVE-2024-45760
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability. A remote low privileged user could potentially exploit this vulnerability via the…
High
CVE-2024-49600
Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading t…
Medium
CVE-2024-54218
Missing Authorization vulnerability in thehp AIO Contact aio-contact.This issue affects AIO Contact: from n/a through <= 2.8.1.
Medium
CVE-2024-52480
Missing Authorization vulnerability in Astoundify Jobify jobify.This issue affects Jobify: from n/a through < 4.3.0.
Medium
CVE-2024-52391
Missing Authorization vulnerability in Genetech Pie Register Premium.This issue affects Pie Register Premium: from n/a before 3.8.3.3.
Medium
CVE-2023-41953
Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1.
Medium
CVE-2024-54254
Missing Authorization vulnerability in Kofi Mokome Message Filter for Contact Form 7 cf7-message-filter.This issue affects Message Filter for Contact Form 7: from n/a through <= 1.6.3.
Medium
CVE-2024-54251
Missing Authorization vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prodigy Commerce: f…
Medium
CVE-2024-54227
Missing Authorization vulnerability in Dotstore Minimum and Maximum Quantity for WooCommerce min-and-max-quantity-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Leve…
Medium
CVE-2024-54217
Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.1.
Medium
CVE-2024-53819
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.0.
Medium
CVE-2024-53816
Missing Authorization vulnerability in Themeum Tutor LMS Elementor Addons tutor-lms-elementor-addons.This issue affects Tutor LMS Elementor Addons: from n/a through <= 2.1.5.
Medium
CVE-2024-53798
Missing Authorization vulnerability in BAKKBONE Australia FloristPress bakkbone-florist-companion.This issue affects FloristPress: from n/a through <= 7.3.0.
Medium
CVE-2024-53785
Missing Authorization vulnerability in Alexander Volkov Chatter.This issue affects Chatter: from n/a through 1.0.1.
Critical
CVE-2024-43222
Missing Authorization vulnerability in SeventhQueen Sweet Date sweetdate allows Privilege Escalation.This issue affects Sweet Date: from n/a through <= 3.7.3.
Medium
CVE-2023-51362
Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n…
Medium
CVE-2023-51360
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential…
Medium
CVE-2023-51359
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential…
Medium
CVE-2023-51357
Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Co…
High
CVE-2023-51355
Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiVendorX: f…
Medium
CVE-2023-51353
Missing Authorization vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: f…
Medium
CVE-2023-50904
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 4.8.0.
Medium
CVE-2023-50903
Missing Authorization vulnerability in Roxnor Metform metform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Metform: from n/a through <= 3.4.0.
Medium
CVE-2023-50899
Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects…
Medium
CVE-2023-50887
Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a t…
Medium
CVE-2023-50884
Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA…
Medium
CVE-2023-50882
Missing Authorization vulnerability in properfraction ProfilePress wp-user-avatar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a thr…
Medium
CVE-2023-50877
Missing Authorization vulnerability in woobewoo Product Filter by WBW allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Filter by WBW: from n/a throug…
Medium
CVE-2023-50876
Missing Authorization vulnerability in Molongui Molongui allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Molongui: from n/a through 4.7.3.
Medium
CVE-2023-50375
Missing Authorization vulnerability in edo888 Google Language Translator google-language-translator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google L…
Medium
CVE-2023-50373
Missing Authorization vulnerability in WPSAAD Alt Manager alt-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alt Manager: from n/a through <= 1.6.1.
Medium
CVE-2023-49861
Missing Authorization vulnerability in socialmediafeather Social Media Feather social-media-feather allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social M…
Medium
CVE-2023-49859
Missing Authorization vulnerability in Marcus (aka @msykes) Login With Ajax login-with-ajax allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login With Ajax:…
Medium
CVE-2023-49858
Missing Authorization vulnerability in Austin Custom Login custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login: from n/a through <= 4.…
Medium
CVE-2023-49857
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from…
High
CVE-2023-49856
Missing Authorization vulnerability in EDGARROJAS Smart Forms smart-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Forms: from n/a through <= 2…
Medium
CVE-2023-49851
Missing Authorization vulnerability in ILMDESIGNS Square Thumbnails allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square Thumbnails: from n/a through 1.1.…
Medium
CVE-2023-49850
Missing Authorization vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Simple HTML Sitemap: from n/a…
Medium
CVE-2023-49849
Missing Authorization vulnerability in vaakash Shortcoder shortcoder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcoder: from n/a through <= 6.3.
Medium
CVE-2023-49848
Missing Authorization vulnerability in Marc dooder Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy woo-aliexpress-dropshipping allows Exploiting Incorrectly Configured Access Control Se…
Medium
CVE-2023-49845
Missing Authorization vulnerability in mattdeclaire Redirects redirects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirects: from n/a through <= 1.2.1.
Medium
CVE-2023-49835
Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Duplicator: from n/a through…
Medium
CVE-2023-49832
Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through…
High
CVE-2023-49831
Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.Thi…
Medium
CVE-2023-49818
Missing Authorization vulnerability in Webflow Webflow Pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webflow Pages: from n/a through 1.0.8.
High
CVE-2023-49817
Missing Authorization vulnerability in heoLixfy Flexible Woocommerce Checkout Field Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flexible Woocomme…
Medium
CVE-2023-49758
Missing Authorization vulnerability in Roland Murg WP Booking System wp-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Booking System: fr…
Medium
CVE-2023-49757
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from…
Medium
CVE-2023-49756
Missing Authorization vulnerability in Arraytics Eventin wp-event-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventin: from n/a through <= 3.3.…
Medium
CVE-2023-49755
Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Timeline Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget:…
Medium
CVE-2023-49754
Missing Authorization vulnerability in Yogesh Pawar Bulk Edit Post Titles bulk-edit-post-titles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Edit Po…
Medium
CVE-2023-49196
Missing Authorization vulnerability in Pagelayer Team PageLayer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PageLayer: from n/a through 1.7.7.
Medium
CVE-2023-49193
Missing Authorization vulnerability in NerdPress Hubbub Lite social-pug allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hubbub Lite: from n/a through <= 1.3…
Medium
CVE-2023-49192
Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget:…
Medium
CVE-2023-49167
Missing Authorization vulnerability in code4life Database for CF7 database-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Database for CF7: from n/…
Medium
CVE-2023-49156
Missing Authorization vulnerability in GoDaddy GoDaddy Email Marketing godaddy-email-marketing-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects…
Medium
CVE-2023-49154
Missing Authorization vulnerability in Wow-Company Button Generator – easily Button Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Button Generator…
Medium
CVE-2023-48779
Missing Authorization vulnerability in 3DWeb 360 Javascript Viewer 360deg-javascript-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 360 Javascript V…
Medium
CVE-2023-48776
Missing Authorization vulnerability in virtuellwerk canvasio3D Light canvasio3d-light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects canvasio3D Light: from…
Medium
CVE-2023-48774
Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a.
Medium
CVE-2023-48750
Missing Authorization vulnerability in voidthemes Void Elementor Post Grid Addon for Elementor Page builder void-elementor-post-grid-addon-for-elementor-page-builder allows Exploiting Incorrectly Con…
Medium
CVE-2023-48740
Missing Authorization vulnerability in Sajid Javed Easy Social Feed easy-facebook-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Feed:…
Medium
CVE-2023-48332
Missing Authorization vulnerability in Varun Sharma Mail Bank - #1 Mail SMTP Plugin for WordPress wp-mail-bank allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affec…
Medium
CVE-2023-48324
Missing Authorization vulnerability in awesomesupport Awesome Support awesome-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from…
Medium
CVE-2023-48287
Missing Authorization vulnerability in Matat Technologies TextMe SMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TextMe SMS: from n/a through 1.9.0.
High
CVE-2023-48286
Missing Authorization vulnerability in mra13 Stripe Payments stripe-payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stripe Payments: from n/a throu…
Medium
CVE-2023-48277
Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps super-progressive-web-apps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super…
Medium
CVE-2023-48274
Missing Authorization vulnerability in Mondial Relay WooCommerce - WCMultiShipping WCMultiShipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCMultiSh…
Medium
CVE-2023-47871
Missing Authorization vulnerability in IT Path Solutions Contact Form to Any API allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form to Any API: fr…
Medium
CVE-2023-47849
Missing Authorization vulnerability in Blossom Themes BlossomThemes Email Newsletter blossomthemes-email-newsletter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue…
Medium
CVE-2023-47847
Missing Authorization vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pay…
Medium
CVE-2023-47841
Missing Authorization vulnerability in Analytify Analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through 5.1.1.
Medium
CVE-2023-47838
Missing Authorization vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe…
Medium
CVE-2023-47836
Missing Authorization vulnerability in prasadkirpekar WP Meta and Date Remover wp-meta-and-date-remover allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP M…
Medium
CVE-2023-47832
Missing Authorization vulnerability in SearchIQ SearchIQ searchiq allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SearchIQ: from n/a through <= 4.4.
Medium
CVE-2023-47830
Missing Authorization vulnerability in Addons for Contact Form 7 Live Preview for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Previe…
Medium
CVE-2023-47826
Missing Authorization vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restaurant & Cafe A…
Medium
CVE-2023-47823
Missing Authorization vulnerability in nCrafts FormCraft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FormCraft: from n/a through 1.2.7.
Medium
CVE-2023-47822
Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MP…
Medium
CVE-2023-47820
Missing Authorization vulnerability in CRUDLab WP Like Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Like Button: from n/a through 1.7.0.
Medium
CVE-2023-47805
Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through <= 2.2.22.
Medium
CVE-2023-47793
Missing Authorization vulnerability in Acme Themes Acme Fix Images acme-fix-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Acme Fix Images: from n/a…
Medium
CVE-2023-47780
Missing Authorization vulnerability in flowdee EasyAzon easyazon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EasyAzon: from n/a through <= 5.1.0.
Medium
CVE-2023-47776
Missing Authorization vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects mi…
Medium
CVE-2023-47764
Missing Authorization vulnerability in metaphorcreations Ditty ditty-news-ticker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ditty: from n/a through <=…
Medium
CVE-2023-47763
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue…
Medium
CVE-2023-47762
Missing Authorization vulnerability in WPDeveloper BetterDocs betterdocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterDocs: from n/a through <= 2.5…
Medium
CVE-2023-47761
Missing Authorization vulnerability in WPDeveloper Simple 301 Redirects by BetterLinks simple-301-redirects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects…
Medium
CVE-2023-47760
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential…
Medium
CVE-2023-47756
Missing Authorization vulnerability in David Vongries Welcome Email Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcome Email Editor: from n/a th…
High
CVE-2023-47698
Missing Authorization vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japaniz…
Medium
CVE-2023-47694
Missing Authorization vulnerability in appsbd Mini Cart Drawer For WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mini Cart Drawer For WooComme…
Medium
CVE-2023-32299
Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Sales Report ni-woocommerce-sales-report allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects N…
Medium
CVE-2023-32293
Missing Authorization vulnerability in Realwebcare WRC Pricing Tables allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WRC Pricing Tables: from n/a through 2…
Medium
CVE-2023-32126
Missing Authorization vulnerability in WPoperation SALERT allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALERT: from n/a through 1.2.1.
Critical
CVE-2023-32117
Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a throu…
Medium
CVE-2023-32094
Missing Authorization vulnerability in Felix Welberg Extended Post Status allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extended Post Status: from n/a thr…
Medium
CVE-2023-31214
Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from…
Medium
CVE-2023-31073
Missing Authorization vulnerability in Jose Vega Display custom fields in the frontend – Post and User Profile Fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issu…
Medium
CVE-2023-30873
Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8.
Medium
CVE-2023-30870
Missing Authorization vulnerability in wooproductimporter Sharkdropship for AliExpress Dropship and Affiliate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affect…
Medium
CVE-2023-30783
Missing Authorization vulnerability in YummyWP Smart WooCommerce Search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart WooCommerce Search: from n/a t…
Medium
CVE-2023-30488
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Featured Post Creative allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Po…
Medium
CVE-2023-30486
Missing Authorization vulnerability in HashThemes Square allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square: from n/a through 2.0.0.
Medium
CVE-2023-30479
Missing Authorization vulnerability in Stamped.io Stamped.io Product Reviews & UGC for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stamped.i…