| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Missing Authorization vulnerability in redpixelstudios RPS Include Content rps-include-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RPS Include Content: from n/a through <= 1.2.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery.This issue affects Blackfyre: from n/a through <= 2.5.4. |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through <= 1.3.0. |
| Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through <= 2.2.35. |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Car Rental grandcarrental allows Cross Site Request Forgery.This issue affects Grand Car Rental: from n/a through <= 3.6.9. |
| Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe: from n/a through <= 2.266. |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Armania: from n/a through <= 1.4.8. |
| Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Biolife: from n/a through <= 3.2.3. |
| Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteShop: from n/a through <= 4.2.9. |
| Missing Authorization vulnerability in ilGhera JW Player for WordPress jw-player-7-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JW Player for WordPress: from n/a through <= 2.3.6. |
| Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments download-attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Attachments: from n/a through <= 1.4.0. |
| Missing Authorization vulnerability in Wava.co Wava Payment wava-payment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wava Payment: from n/a through <= 0.3.7. |
| Missing Authorization vulnerability in Andy Ha DEPART depart-deposit-and-part-payment-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DEPART: from n/a through <= 1.0.7. |
| Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through <= 1.1. |
| Missing Authorization vulnerability in Arraytics Booktics booktics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booktics: from n/a through <= 1.0.16. |
| Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share This Image: from n/a through <= 2.12. |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Retrieve Embedded Sensitive Data.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through < 5.6.5. |
| Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3. |
| Missing Authorization vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display Eventbrite Events: from n/a through <= 6.5.6. |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through <= 3.6.26. |
