Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-32506 |
Description: Missing Authorization vulnerability in Link Whisper Link Whisper Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Link Whisper Free: from n/a through 0.6.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 14th, 2024 (6 months ago)
|
|
CVE-2023-30490 |
Description: Missing Authorization vulnerability in Matthew Ruddy Easing Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easing Slider : from n/a through 3.0.8.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 14th, 2024 (6 months ago)
|
|
CVE-2023-28990 |
Description: Missing Authorization vulnerability in HashThemes Viral Mag allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Mag: from n/a through 1.0.9.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 14th, 2024 (6 months ago)
|
|
CVE-2023-27456 |
Description: Missing Authorization vulnerability in HashThemes Total allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total: from n/a through 2.1.19.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 14th, 2024 (6 months ago)
|
|
CVE-2023-25988 |
Description: Missing Authorization vulnerability in Video Gallery by Total-Soft Video Gallery – YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Gallery – YouTube Gallery: from n/a through 1.7.6.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 14th, 2024 (6 months ago)
|
|
CVE-2023-22697 |
Description: Missing Authorization vulnerability in Survey Maker team Survey Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through 3.2.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 14th, 2024 (6 months ago)
|
|
Description: WordPress Plugin "My WP Customize Admin/Frontend" contains a cross-site scripting vulnerability.
December 13th, 2024 (6 months ago)
|
|
CVE-2024-9881 |
Description: The LearnPress WordPress plugin before 4.2.7.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVSS: LOW (0.0) EPSS Score: 0.04%
December 13th, 2024 (6 months ago)
|
|
CVE-2024-9641 |
Description: The LuckyWP Table of Contents WordPress plugin before 2.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVSS: LOW (0.0) EPSS Score: 0.04%
December 13th, 2024 (6 months ago)
|
|
CVE-2024-9428 |
Description: The Popup Builder WordPress plugin before 4.3.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVSS: LOW (0.0) EPSS Score: 0.04%
December 13th, 2024 (6 months ago)
|