Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-56009
WordPress Spreadr Woocommerce plugin <= 1.0.4 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Spreadr Woocommerce: from n/a through 1.0.4.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-56007
WordPress Leader plugin <= 2.6.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Ram Segev Leader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leader: from n/a through 2.6.1.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-56005
WordPress Posti Shipping Plugin <= 3.10.3 - CSRF to Settings Change vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Posti Posti Shipping allows Cross Site Request Forgery.This issue affects Posti Shipping: from n/a through 3.10.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-56004
WordPress Easy Site Importer plugin <= 1.0.1 - Settings Change vulnerability
Description: Missing Authorization vulnerability in Alex W Fowler Easy Site Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Site Importer: from n/a through 1.0.1.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-56003
WordPress Caldera SMTP Mailer plugin <= 1.0.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in David Cramer Caldera SMTP Mailer.This issue affects Caldera SMTP Mailer: from n/a through 1.0.1.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-56001
WordPress Ksher plugin <= 1.1.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Ksher Ksher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ksher: from n/a through 1.1.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55999
WordPress XML Multilanguage Sitemap Generator plugin <= 2.0.6 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Marco Giannini XML Multilanguage Sitemap Generator.This issue affects XML Multilanguage Sitemap Generator: from n/a through 2.0.6.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55998
WordPress Popup Surveys & Polls for WordPress (Mare.io) plugin <= 1.36 - Settings Change vulnerability
Description: Missing Authorization vulnerability in dusthazard Popup Surveys & Polls for WordPress (Mare.io) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Surveys & Polls for WordPress (Mare.io): from n/a through 1.36.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55996
WordPress Payment gateway per Product for WooCommerce plugin <= 3.5.6 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Dreamfox Dreamfox Media Payment gateway per Product for Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dreamfox Media Payment gateway per Product for Woocommerce: from n/a through 3.5.6.

CVSS: MEDIUM (6.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55994
WordPress 畅言评论系统 plugin <= 2.0.5 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in 搜狐畅言 畅言评论系统 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 畅言评论系统: from n/a through 2.0.5.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)