6.4
CVE-2024-43937 - WordPress WP Crowdfunding plugin <= 2.1.10 - Settings Change vulnerability
Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.10.
6.5
CVE-2024-43956 - WordPress MemberPress plugin <= 1.11.34 - Broken Access Control vulnerability
Missing Authorization vulnerability in Caseproof, LLC Memberpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberpress: from n/a through 1.11.34.
5.4
CVE-2024-43962 - WordPress LWS Affiliation plugin <= 2.3.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4.
4.3
CVE-2024-43968 - WordPress Newspack plugin < 3.8.7 - Broken Access Control vulnerability
Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6.
8.8
CVE-2024-43973 - WordPress GetPaid plugin <= 2.8.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in Stiofan GetPaid invoicing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through <= 2.8.11.
6.5
CVE-2024-43974 - WordPress ReviveNews theme <= 1.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2.
6.5
CVE-2024-43979 - WordPress Blockbooster theme <= 1.0.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10.
6.5
CVE-2024-43980 - WordPress FotaWP theme <= 1.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1.
4.3
CVE-2024-43981 - WordPress GeoDirectory plugin <= 2.3.70 - Broken Access Control vulnerability
Missing Authorization vulnerability in AyeCode โ WP Business Directory Plugins GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GeoDirectory: from n/a through 2.3.70.
8.8
CVE-2024-43982 - WordPress Login As Users plugin <= 1.4.3 - Broken Access Control to Account Takeover vulnerability
Missing Authorization vulnerability in Geek Code Lab Login As Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login As Users: from n/a through 1.4.3.