5.3
CVE-2023-48271 - WordPress Maspik β Spam Blacklist plugin <= 0.10.3 - IP Filtering Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in yonifre Maspik β Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik β Spam blacklist: from n/a through 0.10.3.
8.3
CVE-2023-47837 - WordPress ARMember plugin <= 4.0.10 - Membership Plan Bypass vulnerability
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
3.7
CVE-2023-47818 - WordPress LWS Hide Login plugin <= 2.1.8 - Secret Login Page Location Disclosure on Multisites vulnβ¦
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in LWS LWS Hide Login allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LWS Hide Login: from n/a through 2.1.8.
3.7
CVE-2023-47769 - WordPress WP Maintenance plugin <= 6.1.3 - IP Filtering Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through 6.1.3.
0.0
CVE-2023-47663 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.4
CVE-2023-47513 - WordPress ARI Stream Quiz β WordPress Quizzes Builder plugin <= 1.3.2 - Content Injection vulnerabiβ¦
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2.
6.5
CVE-2024-5463 -
A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectorsβ¦
6.4
CVE-2024-4637 - Slider Revolution <= 6.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Elementoβ¦
The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.7.10 due to insufficient input sanitization and output escaping on the user supplied Elementor 'wrapperid' and 'zindex' display attributes. This makes it possible for authβ¦
5.3
CVE-2023-47189 - WordPress Defender Security plugin <= 4.2.0 - Masked Login Area View Bypass vulnerability
Improper Authentication vulnerability in WPMU DEV Defender Security allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Defender Security: from n/a through 4.2.0.
7.5
CVE-2023-46630 - WordPress Admin and Site Enhancements (ASE) plugin <= 5.7.1 - Password Protected View Bypass Vulnerβ¦
Improper Authentication vulnerability in wpase Admin and Site Enhancements (ASE) allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Admin and Site Enhancements (ASE): from n/a through 5.7.1.