Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9116 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-12253 2024-12-09 5.4 Medium
The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'save_settings', 'export_csv', and 'simpleecommcart-action' actions in all versions up to, and including, 3.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the plugins settings and retrieve order and log data (which is also accessible to unauthenticated users).
CVE-2023-52361 1 Huawei 1 Harmonyos 2024-12-09 7.5 High
The VerifiedBoot module has a vulnerability that may cause authentication errors.Successful exploitation of this vulnerability may affect integrity.
CVE-2023-48776 2024-12-09 5.4 Medium
Missing Authorization vulnerability in Thomas Scholl canvasio3D Light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects canvasio3D Light: from n/a through 2.5.0.
CVE-2023-25048 1 Fantastic Plugins 1 Fantastic Content Protector Free 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Fantastic Plugins Fantastic Content Protector Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fantastic Content Protector Free: from n/a through 2.6.
CVE-2024-52391 1 Genetechsolutions 1 Pie Register 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Genetech Pie Register Premium.This issue affects Pie Register Premium: from n/a before 3.8.3.3.
CVE-2023-25454 1 Wordpress 1 Nate Reist Protected Posts Logout Button 2024-12-09 6.5 Medium
Missing Authorization vulnerability in Nate Reist Protected Posts Logout Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protected Posts Logout Button: from n/a through 1.4.5.
CVE-2023-49845 1 Loud Dog 1 Redirects 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Loud Dog Redirects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirects: from n/a through 1.2.1.
CVE-2023-51362 1 Premio 1 All In One Floating Contact Form My Sticky Elements 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Premio All-in-one Floating Contact Form – My Sticky Elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All-in-one Floating Contact Form – My Sticky Elements: from n/a through 2.1.3.
CVE-2024-54218 1 Thehp 1 Aio Contact 2024-12-09 6.5 Medium
Missing Authorization vulnerability in Thehp AIO Contact.This issue affects AIO Contact: from n/a through 2.8.1.
CVE-2023-51357 1 Conversios 1 Conversios.io 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Conversios Conversios.io allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through 6.5.0.
CVE-2023-51355 1 Multivendorx 1 Wc Marketplace 2024-12-09 8.2 High
Missing Authorization vulnerability in MultiVendorX WC Marketplace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WC Marketplace: from n/a through 4.0.23.
CVE-2023-25455 1 Miniorange 1 Wordpress Social Login And Register \(discord\, Google\, Twitter\, Linkedin\) 2024-12-09 5.3 Medium
Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.0.
CVE-2023-50876 2024-12-09 4.3 Medium
Missing Authorization vulnerability in Molongui Molongui allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Molongui: from n/a through 4.7.3.
CVE-2023-50877 2024-12-09 4.3 Medium
Missing Authorization vulnerability in woobewoo Product Filter by WBW allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Filter by WBW: from n/a through 2.5.0.
CVE-2023-49755 2024-12-09 5.4 Medium
Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Timeline Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget: from n/a through 2.2.
CVE-2023-49196 2024-12-09 4.3 Medium
Missing Authorization vulnerability in Pagelayer Team PageLayer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PageLayer: from n/a through 1.7.7.
CVE-2023-48332 2024-12-09 4.3 Medium
Missing Authorization vulnerability in Tech Banker Mail Bank - #1 Mail SMTP Plugin for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mail Bank - #1 Mail SMTP Plugin for WordPress: from n/a through 4.0.14.
CVE-2023-48287 2024-12-09 5.4 Medium
Missing Authorization vulnerability in Matat Technologies TextMe SMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TextMe SMS: from n/a through 1.9.0.
CVE-2023-48274 2024-12-09 6.5 Medium
Missing Authorization vulnerability in Mondial Relay WooCommerce - WCMultiShipping WCMultiShipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCMultiShipping: from n/a through 2.3.5.
CVE-2023-47871 2024-12-09 4.3 Medium
Missing Authorization vulnerability in IT Path Solutions Contact Form to Any API allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form to Any API: from n/a through 1.1.6.