Total
3276 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-1506 | 1 Cisco | 2 Catalyst Sd-wan Manager, Sd-wan Vmanage | 2024-11-08 | 9.8 Critical |
| Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2021-1508 | 1 Cisco | 2 Catalyst Sd-wan Manager, Sd-wan Vmanage | 2024-11-08 | 9.8 Critical |
| Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2024-44021 | 1 Truepush | 1 Truepush | 2024-11-08 | 5.4 Medium |
| Missing Authorization vulnerability in Truepush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Truepush: from n/a through 1.0.8. | ||||
| CVE-2024-44031 | 1 Beardev | 1 Joomsport | 2024-11-08 | 4.3 Medium |
| Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.6.3. | ||||
| CVE-2024-44038 | 1 Sunshinephotocart | 1 Sunshine Photo Cart | 2024-11-08 | 5.3 Medium |
| Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through 3.2.9. | ||||
| CVE-2024-44052 | 1 Helloasso | 1 Helloasso | 2024-11-08 | 4.3 Medium |
| Missing Authorization vulnerability in HelloAsso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HelloAsso: from n/a through 1.1.10. | ||||
| CVE-2024-10535 | 1 Martinvalchev | 1 Video Gallery For Woocommerce | 2024-11-08 | 5.3 Medium |
| The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the remove_unused_thumbnails() function in all versions up to, and including, 1.31. This makes it possible for unauthenticated attackers to delete thumbnails in the video-wc-gallery-thumb directory. | ||||
| CVE-2024-10543 | 1 Tumult | 1 Tumult Hype Animations | 2024-11-08 | 4.3 Medium |
| The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimations_getcontent function in all versions up to, and including, 1.9.14. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve animation information. | ||||
| CVE-2024-6626 | 2 Theinnovs, Thelnnovs | 2 Eleforms, Eleforms | 2024-11-08 | 5.3 Medium |
| The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several functions in all versions up to, and including, 2.9.9.9. This makes it possible for unauthenticated attackers to view form submissions. | ||||
| CVE-2024-43998 | 1 Websiteinwp | 1 Blogpoet | 2024-11-08 | 6.5 Medium |
| Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blogpoet: from n/a through 1.0.3. | ||||
| CVE-2024-43982 | 2 Geek Code Lab, Geekcodelab | 2 Login As Users, Login As Users | 2024-11-08 | 8.8 High |
| Missing Authorization vulnerability in Geek Code Lab Login As Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login As Users: from n/a through 1.4.3. | ||||
| CVE-2024-43981 | 1 Ayecode | 1 Geodirectory | 2024-11-08 | 4.3 Medium |
| Missing Authorization vulnerability in AyeCode – WP Business Directory Plugins GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GeoDirectory: from n/a through 2.3.70. | ||||
| CVE-2024-44006 | 1 Onthegosystems | 1 Woocommerce Multilingual \& Multicurrency | 2024-11-08 | 4.3 Medium |
| Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency multilingual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.6. | ||||
| CVE-2024-44019 | 1 Renzojohnson | 2 Contact Form 7 Campaign Monitor Extension, Contact Form 7 Compaign Monitor Extension | 2024-11-08 | 5.3 Medium |
| Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contact Form 7 Campaign Monitor Extension: from n/a through 0.4.67. | ||||
| CVE-2024-44020 | 1 Prasadkirpekar | 1 Wp Free Ssl | 2024-11-08 | 4.3 Medium |
| Missing Authorization vulnerability in Prasad Kirpekar WP Free SSL – Free SSL Certificate for WordPress and force HTTPS allows . This issue affects WP Free SSL – Free SSL Certificate for WordPress and force HTTPS: from n/a through 1.2.6. | ||||
| CVE-2024-43980 | 1 Cozythemes | 1 Fotawp | 2024-11-08 | 6.5 Medium |
| Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1. | ||||
| CVE-2024-43979 | 1 Cozythemes | 1 Blockbooster | 2024-11-08 | 6.5 Medium |
| Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10. | ||||
| CVE-2024-43974 | 1 Cozythemes | 1 Revivenews | 2024-11-08 | 6.5 Medium |
| Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2. | ||||
| CVE-2024-43973 | 1 Ayecode | 1 Getpaid | 2024-11-08 | 4.3 Medium |
| Missing Authorization vulnerability in AyeCode Ltd GetPaid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through 2.8.11. | ||||
| CVE-2024-43968 | 1 Newspack | 1 Newspack | 2024-11-08 | 4.3 Medium |
| Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6. | ||||