|
308501
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.12.1 due to insufficient input sanitization and output escap…
|
CWE-80
Basic XSS
|
CVE-2024-10038
|
2024-11-13 11:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308502
|
8.8 |
HIGH
Network
|
meowapps
|
photo_engine
|
Missing Authorization vulnerability in Jordy Meow Photo Engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Engine: from n/a through 6.4.0.
|
CWE-862
Missing Authorization
|
CVE-2024-43332
|
2024-11-13 10:25 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308503
|
8.8 |
HIGH
Network
|
gabelivan
|
asset_cleanup
|
Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Spee…
|
CWE-862
Missing Authorization
|
CVE-2024-43314
|
2024-11-13 10:25 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308504
|
9.8 |
CRITICAL
Network
|
arraytics
|
wp_timetics
|
Missing Authorization vulnerability in Arraytics Timetics allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Timetics: from n/a through 1.0.23.
|
CWE-862
Missing Authorization
|
CVE-2024-43923
|
2024-11-13 10:24 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308505
|
8.8 |
HIGH
Network
|
beardev
|
joomsport
|
Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.3.0.
|
CWE-862
Missing Authorization
|
CVE-2024-43355
|
2024-11-13 10:24 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308506
|
8.8 |
HIGH
Network
|
etoilewebdesign
|
order_tracking
|
Missing Authorization vulnerability in Etoile Web Design Order Tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Order Tracking: from n/a through 3.3.12.
|
CWE-862
Missing Authorization
|
CVE-2024-43343
|
2024-11-13 10:24 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308507
|
9.8 |
CRITICAL
Network
|
cozythemes
|
hello_agency
|
Missing Authorization vulnerability in CozyThemes Hello Agency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hello Agency: from n/a through 1.0.5.
|
CWE-862
Missing Authorization
|
CVE-2024-43341
|
2024-11-13 10:24 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308508
|
8.8 |
HIGH
Network
|
enviragallery
|
envira_gallery
|
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n…
|
CWE-862
Missing Authorization
|
CVE-2024-43925
|
2024-11-13 10:23 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308509
|
8.8 |
HIGH
Network
|
backupbliss
|
clone
|
Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5.
|
CWE-862
Missing Authorization
|
CVE-2024-43298
|
2024-11-13 10:19 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308510
|
8.8 |
HIGH
Network
|
backupbliss
|
clone
|
Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5.
|
CWE-862
Missing Authorization
|
CVE-2024-43297
|
2024-11-13 10:19 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
