Total
4406 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25935 | 1 Metagauss | 1 Registrationmagic | 2025-02-03 | 4.3 Medium |
| Missing Authorization vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.2.5.9. | ||||
| CVE-2024-46450 | 2025-02-03 | 8.1 High | ||
| Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router Model AC6 v2.0 Firmware v15.03.06.50 allows attackers to bypass authentication via a crafted web request. | ||||
| CVE-2024-33595 | 1 Master-addons | 1 Master Addons | 2025-02-03 | 4.3 Medium |
| Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1. | ||||
| CVE-2024-11133 | 2025-02-03 | 5.3 Medium | ||
| The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_pdf_download_request' function in all versions up to, and including, 3.9.9. This makes it possible for unauthenticated attackers to download event tickets. | ||||
| CVE-2024-11134 | 2025-02-03 | 4.3 Medium | ||
| The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eventer_export_bookings_csv' function in all versions up to, and including, 3.9.9. This makes it possible for authenticated attackers with subscriber-level permissions or above, to download bookings, which contains customers' personal data. | ||||
| CVE-2024-57682 | 2025-02-03 | 6.5 Medium | ||
| An information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to access sensitive information via a crafted POST request. | ||||
| CVE-2024-33912 | 1 Kodezen | 1 Academy Lms | 2025-02-03 | 7.1 High |
| Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16. | ||||
| CVE-2025-23527 | 2025-02-03 | 6.5 Medium | ||
| Missing Authorization vulnerability in Hemnath Mouli WC Wallet allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WC Wallet: from n/a through 2.2.0. | ||||
| CVE-2023-33321 | 1 Metagauss | 1 Eventprime | 2025-02-03 | 5.3 Medium |
| Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 2.8.6. | ||||
| CVE-2025-24697 | 2025-02-03 | 6.5 Medium | ||
| Missing Authorization vulnerability in Realwebcare Image Gallery – Responsive Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Gallery – Responsive Photo Gallery: from n/a through 1.0.5. | ||||
| CVE-2025-22686 | 2025-02-03 | 5.3 Medium | ||
| Missing Authorization vulnerability in GSheetConnector CF7 Google Sheets Connector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 Google Sheets Connector: from n/a through 5.0.17. | ||||
| CVE-2024-57757 | 2025-02-03 | 7.5 High | ||
| JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava. | ||||
| CVE-2025-24642 | 2025-02-03 | 6.5 Medium | ||
| Missing Authorization vulnerability in theme funda Setup Default Featured Image allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Setup Default Featured Image: from n/a through 1.2. | ||||
| CVE-2025-24643 | 2025-02-03 | 6.5 Medium | ||
| Missing Authorization vulnerability in Amento Tech Pvt ltd WPGuppy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPGuppy: from n/a through 1.1.0. | ||||
| CVE-2024-50500 | 2025-02-03 | 4.3 Medium | ||
| Missing Authorization vulnerability in By Averta Shortcodes and extra features for Phlox theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.17.2. | ||||
| CVE-2025-22260 | 2025-02-03 | 4.3 Medium | ||
| Missing Authorization vulnerability in Pixelite Meta Tag Manager. This issue affects Meta Tag Manager: from n/a through 3.1. | ||||
| CVE-2025-22677 | 2025-02-03 | 4.8 Medium | ||
| Missing Authorization vulnerability in UIUX Lab Uix Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Uix Shortcodes: from n/a through 2.0.3. | ||||
| CVE-2025-22681 | 2025-02-03 | 4.3 Medium | ||
| Missing Authorization vulnerability in Xfinity Soft Content Cloner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Content Cloner: from n/a through 1.0.1. | ||||
| CVE-2025-22694 | 2025-02-03 | 4.3 Medium | ||
| Missing Authorization vulnerability in theDotstore Hide Shipping Method For WooCommerce. This issue affects Hide Shipping Method For WooCommerce: from n/a through 1.5.0. | ||||
| CVE-2023-23715 | 1 Ultimatemember | 1 Jobboardwp | 2025-02-03 | 5.2 Medium |
| Missing Authorization vulnerability in JobBoardWP JobBoardWP – Job Board Listings and Submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobBoardWP – Job Board Listings and Submissions: from n/a through 1.2.2. | ||||