Search Results (37077 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-52232 1 Booster 1 Booster For Woocommerce 2024-11-21 6.5 Medium
Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2.
CVE-2023-52230 1 Booster 1 Booster For Woocommerce 2024-11-21 6.5 Medium
Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.3.
CVE-2023-52217 1 Wedevs 1 Woocommerce Conversion Tracking 2024-11-21 4.3 Medium
Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11.
CVE-2023-52186 1 Woo 1 Product Vendors 2024-11-21 5.3 Medium
Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2.
CVE-2023-52117 1 Metagauss 1 Profilegrid 2024-11-21 4.3 Medium
Missing Authorization vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid: from n/a through 5.6.6.
CVE-2023-52096 1 Steve-community 1 Ocpp-jaxb 2024-11-21 7.5 High
SteVe Community ocpp-jaxb before 0.0.8 generates invalid timestamps such as ones with month 00 in certain situations (such as when an application receives a StartTransaction Open Charge Point Protocol message with a timestamp parameter of 1000000). This may lead to a SQL exception in applications, and may undermine the integrity of transaction records.
CVE-2023-52077 1 Nexryai 1 Nexkey 2024-11-21 8.9 High
Nexkey is a lightweight fork of Misskey v12 optimized for small to medium size servers. Prior to 12.23Q4.5, Nexkey allows external apps using tokens issued by administrators and moderators to call admin APIs. This allows malicious third-party apps to perform operations such as updating server settings, as well as compromise object storage and email server credentials. This issue has been patched in 12.23Q4.5.
CVE-2023-51682 1 Ibericode 1 Mailchimp 2024-11-21 5.3 Medium
Missing Authorization vulnerability in ibericode MC4WP.This issue affects MC4WP: from n/a through 4.9.9.
CVE-2023-51680 1 Technovama 1 Quotes For Woocommerce 2024-11-21 4.3 Medium
Missing Authorization vulnerability in TechnoVama Quotes for WooCommerce.This issue affects Quotes for WooCommerce: from n/a through 2.0.1.
CVE-2023-51671 1 Funnelkit 1 Funnelkit Checkout 2024-11-21 5.4 Medium
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.
CVE-2023-51670 1 Funnelkit 1 Funnelkit Checkout 2024-11-21 4.3 Medium
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.
CVE-2023-51649 1 Networktocode 1 Nautobot 2024-11-21 3.5 Low
Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level `extras.run_job` permission is checked (i.e., does the user have permission to run Jobs in general). Object-level permissions (i.e., does the user have permission to run this specific Job?) are not enforced by the URL/view used in this case. A user with permissions to run even a single Job can actually run all configured JobButton Jobs. Fix will be available in Nautobot 1.6.8 and 2.1.0
CVE-2023-51537 1 Awesomesupport 1 Awesome Support Wordpress Helpdesk \& Support 2024-11-21 5.3 Medium
Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.5.
CVE-2023-51524 1 Weformspro 1 Weforms 2024-11-21 4.3 Medium
Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.18.
CVE-2023-51516 1 Businessdirectoryplugin 1 Business Directory 2024-11-21 5.4 Medium
Missing Authorization vulnerability in Business Directory Team Business Directory Plugin.This issue affects Business Directory Plugin: from n/a through 6.3.9.
CVE-2023-51507 1 Expresstech 1 Quiz And Survey Master 2024-11-21 5.3 Medium
Missing Authorization vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.16.
CVE-2023-51497 1 Woocommerce 1 Shipping Multiple Addresses 2024-11-21 5.4 Medium
Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.9.
CVE-2023-51496 1 Woocommerce 1 Returns And Warranty Requests 2024-11-21 5.3 Medium
Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7.
CVE-2023-51495 1 Woocommerce 1 Returns And Warranty Requests 2024-11-21 6.5 Medium
Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7.
CVE-2023-51494 1 Woocommerce 1 Product Vendors 2024-11-21 5.3 Medium
Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.1.