4.3
CVE-2023-29431 - WordPress qTranslate X Cleanup and WPML Import plugin <= 3.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in OntheGoSystems qTranslate X Cleanup and WPML Import allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects qTranslate X Cleanup and WPML Import: from n/a through 3.0.1.
5.4
CVE-2023-29433 - WordPress tencentcloud-cos plugin <= 1.0.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in ่ พ่ฎฏไบ tencentcloud-cos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects tencentcloud-cos: from n/a through 1.0.7.
4.3
CVE-2023-30476 - WordPress Blogger Buzz theme <= 1.2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Sparkle Themes Blogger Buzz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Blogger Buzz: from n/a through 1.2.2.
5.3
CVE-2023-30479 - WordPress Stamped.io Product Reviews & UGC for WooCommerce plugin <= 2.3.2 - Broken Access Control โฆ
Missing Authorization vulnerability in Stamped.io Stamped.io Product Reviews & UGC for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stamped.io Product Reviews & UGC for WooCommerce: from n/a through 2.3.2.
4.3
CVE-2023-30486 - WordPress Square theme <= 2.0.0 - Broken Access Control
Missing Authorization vulnerability in HashThemes Square allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square: from n/a through 2.0.0.
5.3
CVE-2023-30488 - WordPress Featured Post Creative plugin <= 1.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Featured Post Creative allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Post Creative: from n/a through 1.2.7.
4.3
CVE-2023-30748 - WordPress Easy Appointments plugin <= 3.10.7 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikola Loncar Easy Appointments allows Stored XSS.This issue affects Easy Appointments: from n/a through 3.10.7.
4.3
CVE-2023-30783 - WordPress Smart WooCommerce Search plugin <= 2.5.0 - Broken Access Control
Missing Authorization vulnerability in YummyWP Smart WooCommerce Search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart WooCommerce Search: from n/a through 2.5.0.
6.5
CVE-2023-30870 - WordPress Sharkdropship for AliExpress Dropship and Affiliate plugin <= 2.2.3 - Multiple Broken Accโฆ
Missing Authorization vulnerability in wooproductimporter Sharkdropship for AliExpress Dropship and Affiliate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sharkdropship for AliExpress Dropship and Affiliate: from n/a through 2.2.3.
5.4
CVE-2023-30873 - WordPress WP Docs plugin <= 1.9.8 - Broken Access Control
Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8.