|
4301
|
8.8 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de omisión de autenticación usando una ruta o canal alternativo en Dokan, Inc. Dokan dokan-lite permite el abuso de autenticación. Este problema afecta a Dokan: desde n/a hasta <= 4…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-24359
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4302
|
6.4 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from …
|
CWE-862
Missing Authorization
|
CVE-2026-24362
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4303
|
6.4 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de Autorización Faltante en bdthemes Ultimate Post Kit ultimate-post-kit permite Explotar Niveles de Seguridad de Control de Acceso Incorrectamente Configurados. Este problema afecta a…
|
CWE-862
Missing Authorization
|
CVE-2026-24362
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4304
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in loopus WP Cost Estimation & Payment Forms Builder WP_Estimation_Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects …
|
CWE-862
Missing Authorization
|
CVE-2026-24363
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4305
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en loopus WP Cost Estimation & Payment Forms Builder WP_Estimation_Form permite la explotación de niveles de seguridad de control de acceso configurados in…
|
CWE-862
Missing Authorization
|
CVE-2026-24363
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4306
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a t…
|
CWE-862
Missing Authorization
|
CVE-2026-24364
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4307
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en weDevs WP User Frontend wp-user-frontend permite Explotar Niveles de Seguridad de Control de Acceso Configurados Incorrectamente. Este problema afecta a WP …
|
CWE-862
Missing Authorization
|
CVE-2026-24364
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4308
|
7.1 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in Theme-one The Grid the-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Grid: from n/a through < 2.8.0.
|
CWE-862
Missing Authorization
|
CVE-2026-24369
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4309
|
7.1 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en Theme-one The Grid the-grid permite explotar niveles de seguridad de control de acceso incorrectamente configurados. Este problema afecta a The Grid: desde …
|
CWE-862
Missing Authorization
|
CVE-2026-24369
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4310
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme-one The Grid the-grid allows Stored XSS.This issue affects The Grid: from n/a through < 2.8…
|
CWE-79
Cross-site Scripting
|
CVE-2026-24370
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
