Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2023-25455
WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.6.0 - Arbitrary Content Deletion vulnerability
Description: Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.0.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2023-25454
WordPress Protected Posts Logout Button plugin <= 1.4.5 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Nate Reist Protected Posts Logout Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protected Posts Logout Button: from n/a through 1.4.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2023-25067
WordPress We’re Open! plugin <= 1.45 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Noah Hearle, Design Extreme We’re Open! allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects We’re Open!: from n/a through 1.45.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2023-25060
WordPress Album and Image Gallery plus Lightbox plugin <= 1.6.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Album and Image Gallery plus Lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Album and Image Gallery plus Lightbox: from n/a through 1.6.2.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2023-25048
WordPress Fantastic Content Protector Free plugin <= 2.6 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Fantastic Plugins Fantastic Content Protector Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fantastic Content Protector Free: from n/a through 2.6.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2023-25037
WordPress Booking Calendar Contact Form plugin <= 1.2.34 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in CodePeople Booking Calendar Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking Calendar Contact Form: from n/a through 1.2.34.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2023-25035
WordPress Quick Contact Form plugin <= 8.0.3.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Fullworks Quick Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Contact Form : from n/a through 8.0.3.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2023-25026
WordPress PayPal Brasil para WooCommerce plugin <= 1.4.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in PayPal PayPal Brasil para WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PayPal Brasil para WooCommerce: from n/a through 1.4.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2023-24407
WordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3.

CVSS: MEDIUM (5.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2023-24375
WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.5.14 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.5.14.

CVSS: LOW (3.5)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)