7.5

CVSS3.1

CVE-2024-24869 - WordPress Total Upkeep plugin <= 1.15.8 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8.

πŸ“… Published: May 17, 2024, 8:48 a.m. πŸ”„ Last Modified: June 9, 2025, 8:58 p.m.

6.5

CVSS3.1

CVE-2024-24715 - WordPress WordPress BookIt Plugin plugin <= 2.4.0 - Price Bypass Vulnerability vulnerability

Improper Validation of Specified Quantity in Input vulnerability in The Events Calendar BookIt allows Manipulating Hidden Fields.This issue affects BookIt: from n/a through 2.4.0.

πŸ“… Published: May 17, 2024, 8:48 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS3.1

CVE-2024-23522 - WordPress Formidable Forms plugin <= 6.7 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Injection.This issue affects Formidable Forms: from n/a through 6.7.

πŸ“… Published: May 17, 2024, 8:47 a.m. πŸ”„ Last Modified: Feb. 3, 2025, 4:20 p.m.

9.8

CVSS3.1

CVE-2024-22157 - WordPress SalesKing plugin <= 1.6.15 - Unauthenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.This issue affects SalesKing: from n/a through 1.6.15.

πŸ“… Published: May 17, 2024, 8:47 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.8

CVSS3.1

CVE-2024-22145 - WordPress InstaWP Connect plugin <= 0.1.0.8 - Arbitrary Option Update to Privilege Escalation vulne…

Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8.

πŸ“… Published: May 17, 2024, 8:46 a.m. πŸ”„ Last Modified: April 23, 2026, 3:18 p.m.

3.7

CVSS3.1

CVE-2024-22139 - WordPress WordPress Manutenção plugin <= 1.0.6 - Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Filipe Seabra WordPress Manutenção allows Functionality Bypass.This issue affects WordPress Manutenção: from n/a through 1.0.6.

πŸ“… Published: May 17, 2024, 8:46 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-21746 - WordPress Wp Ultimate Review plugin <= 2.3.6 - IP limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Identity Spoofing.This issue affects Wp Ultimate Review: from n/a through <= 2.3.6.

πŸ“… Published: May 17, 2024, 8:46 a.m. πŸ”„ Last Modified: April 1, 2026, 4:16 p.m.

2.7

CVSS3.1

CVE-2024-4214 - WordPress cardealer plugin <= 4.15 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Bill Minozzi Car Dealer allows Code Injection.This issue affects Car Dealer: from n/a through 4.15.

πŸ“… Published: May 17, 2024, 8:45 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.2

CVSS3.1

CVE-2023-51546 - WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.2…

Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.2.1.

πŸ“… Published: May 17, 2024, 8:44 a.m. πŸ”„ Last Modified: Feb. 11, 2025, 9:44 p.m.

9.8

CVSS3.1

CVE-2023-51483 - WordPress WP Frontend Profile plugin <= 1.3.1 - Unauthenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Glowlogix WP Frontend Profile allows Privilege Escalation.This issue affects WP Frontend Profile: from n/a through 1.3.1.

πŸ“… Published: May 17, 2024, 8:44 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 9795 of 34,919
Β« previous page Β» next page
Filters