7.5
CVE-2024-43135 - WordPress WPCafe plugin <= 2.2.28 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through 2.2.28.
7.5
CVE-2024-43131 - WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin < 1.7.0 - Unauthenticated β¦
Incorrect Authorization vulnerability in WPWeb Docket (WooCommerce Collections / Wishlist / Watchlist) allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Docket (WooCommerce Collections / Wishlist / Watchlist): from n/a before 1.7.0.
6.5
CVE-2024-43129 - WordPress BetterDocs plugin <= 3.5.8 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper BetterDocs allows PHP Local File Inclusion.This issue affects BetterDocs: from n/a through 3.5.8.
6.5
CVE-2024-43128 - WordPress WooCommerce Product Table Lite plugin <= 3.5.1 - Arbitrary Code Execution vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in WC Product Table WooCommerce Product Table Lite allows Code Injection.This issue affects WooCommerce Product Table Lite: from n/a through 3.5.1.
9.1
CVE-2024-43121 - WordPress HUSKY plugin <= 1.3.6.1 - Privilege Escalation vulnerability
Improper Privilege Management vulnerability in realmag777 HUSKY allows Privilege Escalation.This issue affects HUSKY: from n/a through 1.3.6.1.
8.6
CVE-2024-39651 - WordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Arbitrary File Deletion vulneraβ¦
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPWeb WooCommerce PDF Vouchers allows File Manipulation.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.5.
6.5
CVE-2024-39642 - WordPress LearnPress plugin <= 4.2.6.8.2 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in ThimPress LearnPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LearnPress: from n/a through 4.2.6.8.2.
7.5
CVE-2024-38787 - WordPress Import and export users and customers plugin <= 1.26.8 - Sensitive Information via Importβ¦
Insertion of Sensitive Information Into Sent Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through <= 1.26.8.
5.3
CVE-2024-38760 - WordPress Send Users Email plugin <= 1.5.1 - Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in David Maucher Send Users Email allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Send Users Email: from n/a through 1.5.1.
5.3
CVE-2024-38756 - WordPress Coming Soon Page β Responsive Coming Soon & Maintenance Mode plugin <= 1.6.3 - Sensitive β¦
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Weblizar Coming Soon allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming Soon: from n/a through 1.6.3.