Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-56062
WordPress Royal Elementor Addons and Templates plugin <= 1.3.987 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.3.987.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-56031
WordPress Smart Shopify Product plugin <= 1.0.2 - Arbitrary Content Deletion vulnerability
Description: Missing Authorization vulnerability in Yulio Aleman Jimenez Smart Shopify Product allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Shopify Product: from n/a through 1.0.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-56002
WordPress Contact Form, Survey & Form Builder – MightyForms plugin <= 1.3.9 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Porthas Inc. Contact Form, Survey & Form Builder – MightyForms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form, Survey & Form Builder – MightyForms: from n/a through 1.3.9.

CVSS: MEDIUM (6.4)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-55995
WordPress Torod plugin <= 1.7 - Settings Change vulnerability
Description: Missing Authorization vulnerability in Torod Holding LTD Torod allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Torod: from n/a through 1.7.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-55991
WordPress CRM Plugin – WP-CRM System plugin <= 3.2.9.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WP-CRM WP-CRM System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through 3.2.9.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-51667
WordPress Paytium plugin <= 4.4.10 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in David de Boer Paytium.This issue affects Paytium: from n/a through 4.4.10.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-49698
WordPress Great Restaurant Menu WP plugin <= 1.4.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in PriceListo Best Restaurant Menu by PriceListo.This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.4.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-49694
WordPress My Wp Brand – Hide menu & Hide Plugin plugin <= 1.1.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in imw3 My Wp Brand – Hide menu & Hide Plugin.This issue affects My Wp Brand – Hide menu & Hide Plugin: from n/a through 1.1.2.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-49687
WordPress Smart Manager plugin <= 8.45.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in StoreApps Smart Manager.This issue affects Smart Manager: from n/a through 8.45.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)

CVE-2024-49686
WordPress Landing Page Cat plugin <= 1.7.4 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Fatcat Apps Landing Page Cat.This issue affects Landing Page Cat: from n/a through 1.7.4.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
January 1st, 2025 (4 months ago)