5.3
CVE-2024-53819 - WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.0 - Insecure Direct Object References β¦
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.0.
9.3
CVE-2024-54215 - WordPress Revy plugin <= 1.18 - Unauthenticated SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in roninwp Revy revy.This issue affects Revy: from n/a through <= 1.18.
10
CVE-2024-53822 - WordPress Pie Register Premium plugin < 3.8.3.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium pie-register-premium.This issue affects Pie Register Premium: from n/a through < 3.8.3.3.
7.5
CVE-2024-53790 - WordPress Lenxel Core plugin <= 1.2.8 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ogun Labs Lenxel Core for Lenxel(LNX) LMS lenxel-core allows PHP Local File Inclusion.This issue affects Lenxel Core for Lenxel(LNX) LMS: from n/a through <= 1.3.9.
9.8
CVE-2024-43222 - WordPress Sweet Date theme <= 3.7.3 - Privilege Escalation vulnerability
Missing Authorization vulnerability in SeventhQueen Sweet Date sweetdate allows Privilege Escalation.This issue affects Sweet Date: from n/a through <= 3.7.3.
0.0
CVE-2023-48277 - WordPress Super Progressive Web Apps plugin <= 2.2.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps super-progressive-web-apps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Progressive Web Apps: from n/a through <= 2.2.21.
4.3
CVE-2024-54227 - WordPress Minimum and Maximum Quantity for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnβ¦
Missing Authorization vulnerability in Dotstore Minimum and Maximum Quantity for WooCommerce min-and-max-quantity-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimum and Maximum Quantity for WooCommerce: from n/a through <= 2.0.0.
6.5
CVE-2024-54251 - WordPress Prodigy Commerce plugin <= 3.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prodigy Commerce: from n/a through <= 3.1.2.
6.5
CVE-2024-54224 - WordPress ElementsReady Addons for Elementor plugin <= 6.4.7 - Cross Site Scripting (XSS) vulnerabiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in quomodosoft ElementsReady Addons for Elementor element-ready-lite allows DOM-Based XSS.This issue affects ElementsReady Addons for Elementor: from n/a through <= 6.4.7.
6.5
CVE-2024-54228 - WordPress Wot Elementor Widgets plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weboccult Technologies Pvt Ltd Wot Elementor Widgets wot-elementor-widgets allows DOM-Based XSS.This issue affects Wot Elementor Widgets: from n/a through <= 1.0.1.