Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-32586 |
Description: Missing Authorization vulnerability in Thomas Michalak Soundcloud Is Gold allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Soundcloud Is Gold: from n/a through 2.5.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2023-32581 |
Description: Missing Authorization vulnerability in MobileMonkey WP-Chatbot for Messenger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Chatbot for Messenger: from n/a through 4.7.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2023-32574 |
Description: Missing Authorization vulnerability in Fahad Mahmood Injection Guard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Injection Guard: from n/a through 1.2.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2023-32519 |
Description: Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2023-32506 |
Description: Missing Authorization vulnerability in Link Whisper Link Whisper Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Link Whisper Free: from n/a through 0.6.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2023-28990 |
Description: Missing Authorization vulnerability in HashThemes Viral Mag allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Mag: from n/a through 1.0.9.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2023-27456 |
Description: Missing Authorization vulnerability in HashThemes Total allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total: from n/a through 2.1.19.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2023-22697 |
Description: Missing Authorization vulnerability in Survey Maker team Survey Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through 3.2.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-12526 |
Description: The Arena.IM – Live Blogging for real-time events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.3.0. This is due to missing or incorrect nonce validation on the 'albfre_user_action' AJAX action. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVSS: MEDIUM (4.3) EPSS Score: 0.05%
December 13th, 2024 (4 months ago)
|
|
CVE-2024-12463 |
Description: The Arena.IM – Live Blogging for real-time events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'arena_embed_amp' shortcode in all versions up to, and including, 0.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS: MEDIUM (6.4) EPSS Score: 0.05%
December 13th, 2024 (4 months ago)
|