Total
3285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-24719 | 2024-08-02 | 4.3 Medium | ||
| Missing Authorization vulnerability in Uriahs Victor Location Picker at Checkout for WooCommerce.This issue affects Location Picker at Checkout for WooCommerce: from n/a through 1.8.9. | ||||
| CVE-2023-37870 | 2024-08-02 | 8.1 High | ||
| Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.1.9. | ||||
| CVE-2023-37890 | 1 Liquidweb | 1 Kb Support | 2024-08-02 | 4.3 Medium |
| Missing Authorization vulnerability in WPOmnia KB Support – WordPress Help Desk and Knowledge Base allows Accessing Functionality Not Properly Constrained by ACLs. Users with a role as low as a subscriber can view other customers.This issue affects KB Support – WordPress Help Desk and Knowledge Base: from n/a through 1.5.88. | ||||
| CVE-2023-37872 | 2024-08-02 | 6.5 Medium | ||
| Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.5. | ||||
| CVE-2023-37885 | 2024-08-02 | 4.3 Medium | ||
| Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2. | ||||
| CVE-2023-37869 | 2024-08-02 | 6.5 Medium | ||
| Missing Authorization vulnerability in Premium Addons Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0. | ||||
| CVE-2023-37886 | 2024-08-02 | 5.4 Medium | ||
| Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2. | ||||
| CVE-2023-36683 | 2024-08-02 | 6.5 Medium | ||
| Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro: from n/a through 2.7.8. | ||||
| CVE-2023-36624 | 1 Loxone | 2 Miniserver Go Gen 2, Miniserver Go Gen 2 Firmware | 2024-08-02 | 7.8 High |
| Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement. | ||||
| CVE-2023-36607 | 1 Ovarro | 10 Tbox Lt2, Tbox Lt2 Firmware, Tbox Ms-cpu32 and 7 more | 2024-08-02 | 5.3 Medium |
| The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents. | ||||
| CVE-2023-36512 | 2024-08-02 | 6.5 Medium | ||
| Missing Authorization vulnerability in Woo AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.5. | ||||
| CVE-2023-36515 | 1 Thimpress | 1 Learnpress | 2024-08-02 | 7.3 High |
| Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.3. | ||||
| CVE-2023-36516 | 1 Thimpress | 1 Learnpress | 2024-08-02 | 7.6 High |
| Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.3. | ||||
| CVE-2023-36348 | 1 Codekop | 1 Codekop | 2024-08-02 | 8.8 High |
| POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter. | ||||
| CVE-2023-36144 | 1 Intelbras | 2 Sg 2404 Mr, Sg 2404 Mr Firmware | 2024-08-02 | 7.5 High |
| An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. | ||||
| CVE-2023-35149 | 1 Jenkins | 1 Digital.ai App Management Publisher | 2024-08-02 | 6.5 Medium |
| A missing permission check in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins. | ||||
| CVE-2023-35093 | 1 Stylemixthemes | 1 Masterstudy Lms | 2024-08-02 | 6.5 Medium |
| Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin <= 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more. | ||||
| CVE-2023-35040 | 2024-08-02 | 5.3 Medium | ||
| Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6. | ||||
| CVE-2023-35050 | 2024-08-02 | 6.5 Medium | ||
| Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0. | ||||
| CVE-2023-35045 | 2024-08-02 | 4.3 Medium | ||
| Missing Authorization vulnerability in Fat Rat Fat Rat Collect.This issue affects Fat Rat Collect: from n/a through 2.6.7. | ||||