CVEs from 2023
Total
6,189
critical
critical 221
high
high 1,481
medium
medium 1,384
low
low 30
% Critical
3.6%
% with KEV
2.6%
% with exploit
3.4%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- registrationmagic 6
- codeready_linux_builder_for_ibm_z_systems_eus 6
- cbot_panel 6
- codeready_linux_builder_eus 6
- openstack_platform 6
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-47525 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Event Monster – Event Management, Tickets Booking, Upcoming Event allows Stored XSS.Thi… | |||
| CVE-2023-38513 | medium | 5.4 | 5.4 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media Organizer & Lightroom).This issue affects Photo Engine (Media Organizer & Lightroom): from n/a through… | |||
| CVE-2023-49823 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a thr… | |||
| CVE-2023-49747 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebFactory Ltd Guest Author allows Stored XSS.This issue affects Guest Author: from n/a through 2… | |||
| CVE-2023-49184 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Parallax Slider Block allows Stored XSS.This issue affects Parallax Slider Block: fro… | |||
| CVE-2023-49181 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce… | |||
| CVE-2023-49179 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N.O.U.S. Open Useful and Simple Event post allows Stored XSS.This issue affects Event post: from … | |||
| CVE-2023-49175 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kreativo Pro KP Fastest Tawk.To Chat allows Stored XSS.This issue affects KP Fastest Tawk.To Chat… | |||
| CVE-2023-49174 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dFactory Responsive Lightbox & Gallery allows Stored XSS.This issue affects Responsive Lightbox &… | |||
| CVE-2023-49169 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in datafeedr.Com Ads by datafeedr.Com allows Stored XSS.This issue affects Ads by datafeedr.Com: fro… | |||
| CVE-2023-49165 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Real Big Plugins Client Dash allows Stored XSS.This issue affects Client Dash: from n/a through 2… | |||
| CVE-2023-49160 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.6. | |||
| CVE-2023-48765 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from… | |||
| CVE-2023-49152 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Labs64 Credit Tracker allows Stored XSS.This issue affects Credit Tracker: from n/a through 1.1.1… | |||
| CVE-2023-49151 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Calendar Simple Calendar – Google Calendar Plugin allows Stored XSS.This issue affects Sim… | |||
| CVE-2023-49860 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP Project Manager – Task, team, and project management plugin featuring kanban board and … | |||
| CVE-2023-49150 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CurrencyRate.Today Crypto Converter Widget allows Stored XSS.This issue affects Crypto Converter … | |||
| CVE-2023-49149 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CurrencyRate.Today Currency Converter Calculator allows Stored XSS.This issue affects Currency Co… | |||
| CVE-2023-48780 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnigmaWeb WP Catalogue allows Stored XSS.This issue affects WP Catalogue: from n/a through 1.7.6. | |||
| CVE-2023-48770 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nima Saberi Aparat allows Stored XSS.This issue affects Aparat: from n/a through 1.7.1. | |||
| CVE-2023-49820 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue aff… | |||
| CVE-2023-49173 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10to8 Sign In Scheduling Online Appointment Booking System allows Stored XSS.This issue affects S… | |||
| CVE-2023-49833 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Spectra – WordPress Gutenberg Blocks allows Stored XSS.This issue affects Spectr… | |||
| CVE-2023-49828 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo allows Stored XSS.T… | |||
| CVE-2023-49745 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a thr… | |||
| CVE-2023-49168 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPlus Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBos… | |||
| CVE-2023-50370 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh WPBakery Page Builder Addons by Livemesh allows Stored XSS.This issue affects WPBakery P… | |||
| CVE-2023-50369 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alma Alma – Pay in installments or later for WooCommerce allows Stored XSS.This issue affects Alm… | |||
| CVE-2023-50368 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Shortcodes and extra features for Phlox theme allows Stored XSS.This issue affects Shortco… | |||
| CVE-2023-49847 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Annual Archive allows Stored XSS.This issue affects Annual Archive: from n/a through… | |||
| CVE-2023-49846 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Bl… | |||
| CVE-2023-49836 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brontobytes Cookie Bar allows Stored XSS.This issue affects Cookie Bar: from n/a through 2.0. | |||
| CVE-2023-50371 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allow… | |||
| CVE-2023-46641 | medium | 5.4 | 5.4 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.24. | |||
| CVE-2023-41804 | medium | 5.4 | 5.4 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates.This issue affects Starter Templates — Elementor, WordPress & … | |||
| CVE-2023-48749 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme nectar Salient Core allows Stored XSS.This issue affects Salient Core: from n/a through 2.0… | |||
| CVE-2023-48321 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ahmed Kaludi, Mohammed Kaludi AMP for WP – Accelerated Mobile Pages allows Stored XSS.This issue … | |||
| CVE-2023-48317 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vikas Vatsa Display Custom Post allows Stored XSS.This issue affects Display Custom Post: from n/… | |||
| CVE-2023-47877 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Perfmatters allows Stored XSS.This issue affects Perfmatters: from n/a before 2.2.0. | |||
| CVE-2023-47872 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team wpForo Forum allows Stored XSS.This issue affects wpForo Forum: from n/a through 2.… | |||
| CVE-2023-47853 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in myCred myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin allows Stored XSS.T… | |||
| CVE-2023-45609 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POWR.Io Contact Form – Custom Builder, Payment Form, and More allows Stored XSS.This issue affect… | |||
| CVE-2023-44143 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bamboo Mcr Bamboo Columns allows Stored XSS.This issue affects Bamboo Columns: from n/a through 1… | |||
| CVE-2023-40674 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lasso Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management allows Stored … | |||
| CVE-2023-32291 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MonsterInsights Pro allows Stored XSS.This issue affects MonsterInsights Pro: from n/a through 8.… | |||
| CVE-2023-48289 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SpreadsheetConverter Import Spreadsheets from Microsoft Excel allows Stored XSS.This issue affect… | |||
| CVE-2023-47854 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Howard Ehrenberg Parallax Image allows Stored XSS.This issue affects Parallax Image: from n/a thr… | |||
| CVE-2023-47851 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akhtarujjaman Shuvo Bootstrap Shortcodes Ultimate allows Stored XSS.This issue affects Bootstrap … | |||
| CVE-2023-47850 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Store… | |||
| CVE-2023-47777 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooCommerce, Automattic WooCommerce Blocks allows Stored XSS.This issue affects WooCom… | |||
| CVE-2023-47505 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor.Com Elementor allows Cross-Site Scripting (XSS).This issue affects Elementor: from n/a … | |||
| CVE-2023-45050 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic Jetpack – WP Security, Backup, Speed, & Growth allows Stored XSS.This issue affects Je… | |||
| CVE-2023-48336 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a th… | |||
| CVE-2023-6011 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DECE Software Geodi allows Stored XSS. This issue affects Geodi: before 8.0.0.27396. | |||
| CVE-2023-47231 | medium | 5.4 | 5.4 | 3y ago | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bainternet ShortCodes UI plugin <= 1.9.8 versions. | |||
| CVE-2023-47229 | medium | 5.4 | 5.4 | 3y ago | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Vyas Dipen Top 25 Social Icons plugin <= 3.1 versions. | |||
| CVE-2023-47190 | medium | 5.4 | 5.4 | 3y ago | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Apollo13Themes Apollo13 Framework Extensions plugin <= 1.9.0 versions. | |||
| CVE-2023-46640 | medium | 5.4 | 5.4 | 3y ago | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in D. Relton Medialist plugin <= 1.3.9 versions. | |||
| CVE-2023-46613 | medium | 5.4 | 5.4 | 3y ago | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jens Kuerschner Add to Calendar Button plugin <= 1.5.1 versions. | |||
| CVE-2023-47177 | medium | 5.4 | 5.4 | 3y ago | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yakir Sitbon, Ariel Klikstein Linker plugin <= 1.2.1 versions. | |||
| CVE-2023-46783 | medium | 5.4 | 5.4 | 3y ago | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bright Plugins Pre-Orders for WooCommerce plugin <= 1.2.13 versions. | |||
| CVE-2023-46782 | medium | 5.4 | 5.4 | 3y ago | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Yee MomentoPress for Momento360 plugin <= 1.0.1 versions. | |||
| CVE-2023-41728 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rescue Themes Rescue Shortcodes allows Stored XSS.This issue affects Rescue Shortcodes: from n/a … | |||
| CVE-2023-24009 | medium | 5.4 | 5.4 | 3y ago | Auth. (subscriber+) Reflected Cross-site Scripting (XSS) vulnerability in Wpazure Themes Upfrontwp theme <= 1.1 versions. | |||
| CVE-2023-3653 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digital Ant E-Commerce Software allows Stored XSS. This issue affects E-Commerce Software: befor… | |||
| CVE-2023-3319 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iDisplay PlatPlay DS allows Stored XSS. This issue affects PlatPlay DS: before 3.14. | |||
| CVE-2023-28534 | medium | 5.4 | 5.4 | 3y ago | Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in WP Job Portal WP Job Portal – A Complete Job Board plugin <= 2.0.0 versions. | |||
| CVE-2023-1726 | medium | 5.4 | 5.4 | 3y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user. This issue affects OBS: before 23.04.01. | |||
| CVE-2023-23984 | medium | 5.4 | 5.4 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu plugin <= 3.0.1 leading to form deletion. | |||
| CVE-2023-23974 | medium | 5.4 | 5.4 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update). | |||
| CVE-2023-24388 | medium | 5.4 | 5.4 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete). | |||
| CVE-2023-47268 | medium | 5.3 | 5.3 | 23d ago | In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported. | |||
| CVE-2023-48739 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Porto Theme Porto Theme - Functionality porto-functionality allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Porto The… | |||
| CVE-2023-47515 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Seers Seers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Seers: from n/a through 8.1.1. | |||
| CVE-2023-47241 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in CoCart Headless CoCart – Headless ecommerce cart-rest-api-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff… | |||
| CVE-2023-46639 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through 5.4.5. | |||
| CVE-2023-46637 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Saurav Sharma Generate Dummy Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Generate Dummy Posts: from n/a thr… | |||
| CVE-2023-46635 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in YITHEMES YITH WooCommerce Product Add-Ons yith-woocommerce-product-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue af… | |||
| CVE-2023-46611 | medium | 5.3 | 5.3 | 1y ago | Authentication Bypass by Primary Weakness vulnerability in yourownprogrammer YOP Poll allows Authentication Bypass.This issue affects YOP Poll: from n/a through 6.5.28. | |||
| CVE-2023-46608 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in WPDO DoLogin Security dologin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through <= 3… | |||
| CVE-2023-46606 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through <= 1.1.4. | |||
| CVE-2023-46605 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Ruslan Suhar Convertful – Your Ultimate On-Site Conversion Tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conve… | |||
| CVE-2023-46206 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Webの相談所 MW WP Form mw-wp-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MW WP Form: from n/a through <= 4.4.5. | |||
| CVE-2023-46083 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in WP Chill Kali Forms kali-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kali Forms: from n/a through <= 2.3.27. | |||
| CVE-2023-46082 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder broken-link-finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Li… | |||
| CVE-2023-46073 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Mario Peshev DX Delete Attached Media dx-delete-attached-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DX Del… | |||
| CVE-2023-45766 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 4.7.1. | |||
| CVE-2023-45649 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in codepeople Appointment Hour Booking appointment-hour-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointm… | |||
| CVE-2023-45061 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in awsm.in WP Job Openings wp-job-openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a thr… | |||
| CVE-2023-44258 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in vberkel Schema App Structured Data schema-app-structured-data-for-schemaorg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue a… | |||
| CVE-2023-48775 | medium | 5.3 | 5.3 | 1y ago | Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cleanfix: from n/a through 5.6.2. | |||
| CVE-2023-44149 | medium | 5.3 | 5.3 | 2y ago | Missing Authorization vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brands for Woo… | |||
| CVE-2023-44147 | medium | 5.3 | 5.3 | 2y ago | Missing Authorization vulnerability in apasionados Comment Blacklist Updater comment-blacklist-updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comme… | |||
| CVE-2023-41952 | medium | 5.3 | 5.3 | 2y ago | Missing Authorization vulnerability in Contact Form - WPManageNinja LLC FluentForm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a thro… | |||
| CVE-2023-41862 | medium | 5.3 | 5.3 | 2y ago | Weak Authentication vulnerability in Guido VS Contact Form allows Authentication Abuse.This issue affects VS Contact Form: from n/a through 14.0. | |||
| CVE-2023-41849 | medium | 5.3 | 5.3 | 2y ago | Missing Authorization vulnerability in WP Happy Coders Posts Like Dislike allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Posts Like Dislike: from n/a throu… | |||
| CVE-2023-41848 | medium | 5.3 | 5.3 | 2y ago | Missing Authorization vulnerability in Majeed Raza Carousel Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carousel Slider: from n/a through 2.2.2. | |||
| CVE-2023-41803 | medium | 5.3 | 5.3 | 2y ago | Missing Authorization vulnerability in BitPay BitPay Checkout for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BitPay Checkout for WooCommerc… | |||
| CVE-2023-41690 | medium | 5.3 | 5.3 | 2y ago | Missing Authorization vulnerability in Wiser Notify WiserNotify Social Proof allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserNotify Social Proof: from … | |||
| CVE-2023-41133 | medium | 5.3 | 5.3 | 2y ago | Authentication Bypass by Spoofing vulnerability in Michal Novák Secure Admin IP allows Functionality Bypass.This issue affects Secure Admin IP: from n/a through 2.0. |