Total
3290 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7648 | 2024-08-12 | 4.3 Medium | ||
| The Opal Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the private notes functionality on payments which utilizes WordPress comments. This makes it possible for authenticated attackers, with subscriber-level access and above, to view private notes via recent comments that should be restricted to just administrators. | ||||
| CVE-2024-28004 | 2024-08-11 | 5.4 Medium | ||
| Missing Authorization vulnerability in ExtendThemes Colibri Page Builder.This issue affects Colibri Page Builder: from n/a through 1.0.248. | ||||
| CVE-2024-33912 | 2024-08-11 | 7.1 High | ||
| Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16. | ||||
| CVE-2023-47874 | 2024-08-09 | 5.4 Medium | ||
| Missing Authorization vulnerability in Perfmatters.This issue affects Perfmatters: from n/a through 2.1.6. | ||||
| CVE-2024-24883 | 2024-08-09 | 4.3 Medium | ||
| Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.11.10. | ||||
| CVE-2024-32682 | 2024-08-09 | 7.1 High | ||
| Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2. | ||||
| CVE-2024-35729 | 1 Tickera | 1 Tickera | 2024-08-09 | 5.3 Medium |
| Missing Authorization vulnerability in Tickera.This issue affects Tickera: from n/a through 3.5.2.6. | ||||
| CVE-2024-32783 | 2024-08-09 | 4.3 Medium | ||
| Missing Authorization vulnerability in wpcreativeidea Advanced Testimonial Carousel for Elementor.This issue affects Advanced Testimonial Carousel for Elementor: from n/a through 3.0.0. | ||||
| CVE-2024-31252 | 2024-08-09 | 4.3 Medium | ||
| Missing Authorization vulnerability in dFactory Responsive Lightbox.This issue affects Responsive Lightbox: from n/a through 2.4.6. | ||||
| CVE-2024-34690 | 1 Sap | 1 Student Life Cycle Management | 2024-08-09 | 5.4 Medium |
| SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could allow an attacker to access and edit non-sensitive report variants that are typically restricted, causing minimal impact on the confidentiality and integrity of the application. | ||||
| CVE-2024-30477 | 2024-08-09 | 5.3 Medium | ||
| Missing Authorization vulnerability in Klarna Klarna Payments for WooCommerce.This issue affects Klarna Payments for WooCommerce: from n/a through 3.2.4. | ||||
| CVE-2024-32821 | 2024-08-09 | 4.3 Medium | ||
| Missing Authorization vulnerability in TotalSuite Total Poll Lite.This issue affects Total Poll Lite: from n/a through 4.9.9. | ||||
| CVE-2024-35663 | 2024-08-09 | 5.4 Medium | ||
| Missing Authorization vulnerability in HahnCreativeGroup WP Translate.This issue affects WP Translate: from n/a through 5.3.0. | ||||
| CVE-2024-34819 | 1 Moreconvert | 1 Woocommerce Wishlist | 2024-08-09 | 5.3 Medium |
| Missing Authorization vulnerability in MoreConvert MC Woocommerce Wishlist.This issue affects MC Woocommerce Wishlist: from n/a through 1.7.2. | ||||
| CVE-2023-36694 | 2024-08-09 | 6.3 Medium | ||
| Missing Authorization vulnerability in Bryan Lee Kingkong Board.This issue affects Kingkong Board: from n/a through 2.1.0.2. | ||||
| CVE-2023-39922 | 2024-08-09 | 4.3 Medium | ||
| Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1. | ||||
| CVE-2024-31342 | 2024-08-09 | 6.5 Medium | ||
| Missing Authorization vulnerability in WPcloudgallery WordPress Gallery Exporter.This issue affects WordPress Gallery Exporter: from n/a through 1.3. | ||||
| CVE-2024-37176 | 1 Sap | 1 Bw\/4hana | 2024-08-09 | 5.5 Medium |
| SAP BW/4HANA Transformation and Data Transfer Process (DTP) allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low impacts on the integrity and availability of the application. | ||||
| CVE-2024-7031 | 2024-08-09 | 7.5 High | ||
| The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'njt_fs_saveSettingRestrictions' function in all versions up to, and including, 1.8.2. This makes it possible for authenticated attackers, with a role that has been granted permissions by an Administrator, to update the plugin settings for user role restrictions, including allowing file types such as .php to be uploaded. | ||||
| CVE-2024-33572 | 2024-08-09 | 4.3 Medium | ||
| Missing Authorization vulnerability in POSIMYTH The Plus Blocks for Block Editor | Gutenberg.This issue affects The Plus Blocks for Block Editor | Gutenberg: from n/a through 3.2.5. | ||||