This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Missing Authorization vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities.This issue affects ProfileGrid : from n/a through <= 5.9.3.

Missing Authorization vulnerability in RexTheme WP VR wpvr allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through <= 8.5.4.

Missing Authorization vulnerability in colorlibplugins Simple Custom Post Order simple-custom-post-order allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Custom Post Order: from n/a through <= 2.5.7.

Cross-Site Request Forgery (CSRF) vulnerability in Latepoint LatePoint allows Cross Site Request Forgery.This issue affects LatePoint: from n/a through 4.9.91.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman FunnelKit Automations wp-marketing-automations allows SQL Injection.This issue affects FunnelKit Automations: from n/a through <= 3.1.2.

The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks

Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.

Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.

Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.