7.1
CVE-2024-47314 - WordPress Sunshine Photo Cart plugin <= 3.2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.8.
5.3
CVE-2024-47311 - WordPress Wheel of Life plugin <= 1.1.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Kraft Plugins Wheel of Life wheel-of-life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through <= 1.1.8.
5.3
CVE-2024-47302 - WordPress Fluent Support plugin <= 1.8.0 - Broken Access Control on Email Verification vulnerability
Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through <= 1.8.0.
5.3
CVE-2024-44038 - WordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9.
5.4
CVE-2024-37250 - WordPress Advanced Custom Fields Pro plugin < 6.3.2 - Subscriber+ Broken Access Control vulnerabiliβ¦
Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1.
4.3
CVE-2024-37249 - WordPress Advanced Custom Fields Pro plugin < 6.3.2 - Contributor+ Broken Access Control vulnerabilβ¦
Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1.
4.3
CVE-2024-37095 - WordPress Envira Photo Gallery plugin <= 1.8.7.3 - CSRF leading to notice dismissal vulnerability
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3.
4.3
CVE-2024-37096 - WordPress Popup box plugin <= 4.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Popup Box Team Popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup box: from n/a through 4.5.1.
8.2
CVE-2024-37106 - WordPress WishList Member X plugin < 3.26.7 - Unautenticated Plugin Settings Change Leading to Storβ¦
Missing Authorization vulnerability in WishList Products WishList Member X allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WishList Member X: from n/a through 3.26.6
7.7
CVE-2024-37108 - WordPress WishList Member X plugin < 3.26.7 - Authenticated Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WishList Products WishList Member X allows Path Traversal.This issue affects WishList Member X: from n/a through 3.26.6.