Export limit exceeded: 10484 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10484 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-51679 | 1 Bulkgate | 1 Sms Plugin For Woocommerce | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in BulkGate BulkGate SMS Plugin for WooCommerce.This issue affects BulkGate SMS Plugin for WooCommerce: from n/a through 3.0.2. | ||||
| CVE-2023-51671 | 1 Funnelkit | 1 Funnelkit Checkout | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3. | ||||
| CVE-2023-51670 | 1 Funnelkit | 1 Funnelkit Checkout | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3. | ||||
| CVE-2023-51649 | 1 Networktocode | 1 Nautobot | 2024-11-21 | 3.5 Low |
| Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level `extras.run_job` permission is checked (i.e., does the user have permission to run Jobs in general). Object-level permissions (i.e., does the user have permission to run this specific Job?) are not enforced by the URL/view used in this case. A user with permissions to run even a single Job can actually run all configured JobButton Jobs. Fix will be available in Nautobot 1.6.8 and 2.1.0 | ||||
| CVE-2023-51537 | 1 Awesomesupport | 1 Awesome Support Wordpress Helpdesk \& Support | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.5. | ||||
| CVE-2023-51524 | 1 Weformspro | 1 Weforms | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.18. | ||||
| CVE-2023-51519 | 1 Soliloquywp | 1 Slider | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in Soliloquy Team Slider by Soliloquy.This issue affects Slider by Soliloquy: from n/a through 2.7.2. | ||||
| CVE-2023-51516 | 1 Businessdirectoryplugin | 1 Business Directory | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in Business Directory Team Business Directory Plugin.This issue affects Business Directory Plugin: from n/a through 6.3.9. | ||||
| CVE-2023-51507 | 1 Expresstech | 1 Quiz And Survey Master | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.16. | ||||
| CVE-2023-51497 | 1 Woocommerce | 1 Shipping Multiple Addresses | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.9. | ||||
| CVE-2023-51496 | 1 Woocommerce | 1 Returns And Warranty Requests | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. | ||||
| CVE-2023-51495 | 1 Woocommerce | 1 Returns And Warranty Requests | 2024-11-21 | 6.5 Medium |
| Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. | ||||
| CVE-2023-51494 | 1 Woocommerce | 1 Product Vendors | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.1. | ||||
| CVE-2023-51377 | 1 Wpeverest | 1 Everest Forms | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in WPEverest Everest Forms.This issue affects Everest Forms: from n/a through 2.0.3. | ||||
| CVE-2023-51376 | 1 Brainstormforce | 1 Surefeedback | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in Brainstorm Force ProjectHuddle Client Site.This issue affects ProjectHuddle Client Site: from n/a through 1.0.34. | ||||
| CVE-2023-51375 | 1 Wpdeveloper | 1 Embedpress | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3. | ||||
| CVE-2023-50732 | 1 Xwiki | 1 Xwiki | 2024-11-21 | 8.3 High |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute a Velocity script without script right through the document tree. This has been patched in XWiki 14.10.7 and 15.2RC1. | ||||
| CVE-2023-50705 | 1 Efacec | 2 Uc 500e, Uc 500e Firmware | 2024-11-21 | 5.3 Medium |
| An attacker could create malicious requests to obtain sensitive information about the web server. | ||||
| CVE-2023-50457 | 1 Zammad | 1 Zammad | 2024-11-21 | 4.3 Medium |
| An issue was discovered in Zammad before 6.2.0. When listing tickets linked to a knowledge base answer, or knowledge base answers of a ticket, a user could see entries for which they lack permissions. | ||||
| CVE-2023-50363 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | 7.4 High |
| An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | ||||