CWE-86 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10531 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-52229			2024-11-21	6.5 Medium
Missing Authorization vulnerability in Save as PDF plugin by Pdfcrowd Word Replacer Pro.This issue affects Word Replacer Pro: from n/a through 1.0.
CVE-2023-52227			2024-11-21	4.3 Medium
Missing Authorization vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8.
CVE-2023-52220			2024-11-21	4.3 Medium
Missing Authorization vulnerability in MonsterInsights Google Analytics by Monster Insights.This issue affects Google Analytics by Monster Insights: from n/a through 8.21.0.
CVE-2023-52217	1 Wedevs	1 Woocommerce Conversion Tracking	2024-11-21	4.3 Medium
Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11.
CVE-2023-52211	1 Automattic	1 Wp Job Manager	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Automattic WP Job Manager.This issue affects WP Job Manager: from n/a through 2.0.0.
CVE-2023-52199			2024-11-21	6.5 Medium
Missing Authorization vulnerability in Matthias Pfefferle & Automattic ActivityPub.This issue affects ActivityPub: from n/a through 1.0.5.
CVE-2023-52186	1 Woo	1 Product Vendors	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2.
CVE-2023-52183			2024-11-21	5.4 Medium
Missing Authorization vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.3.
CVE-2023-52117	1 Metagauss	1 Profilegrid	2024-11-21	4.3 Medium
Missing Authorization vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid: from n/a through 5.6.6.
CVE-2023-52077	1 Nexryai	1 Nexkey	2024-11-21	8.9 High
Nexkey is a lightweight fork of Misskey v12 optimized for small to medium size servers. Prior to 12.23Q4.5, Nexkey allows external apps using tokens issued by administrators and moderators to call admin APIs. This allows malicious third-party apps to perform operations such as updating server settings, as well as compromise object storage and email server credentials. This issue has been patched in 12.23Q4.5.
CVE-2023-51682	1 Ibericode	1 Mailchimp	2024-11-21	5.3 Medium
Missing Authorization vulnerability in ibericode MC4WP.This issue affects MC4WP: from n/a through 4.9.9.
CVE-2023-51680	1 Technovama	1 Quotes For Woocommerce	2024-11-21	4.3 Medium
Missing Authorization vulnerability in TechnoVama Quotes for WooCommerce.This issue affects Quotes for WooCommerce: from n/a through 2.0.1.
CVE-2023-51679	1 Bulkgate	1 Sms Plugin For Woocommerce	2024-11-21	5.4 Medium
Missing Authorization vulnerability in BulkGate BulkGate SMS Plugin for WooCommerce.This issue affects BulkGate SMS Plugin for WooCommerce: from n/a through 3.0.2.
CVE-2023-51671	1 Funnelkit	1 Funnelkit Checkout	2024-11-21	5.4 Medium
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.
CVE-2023-51670	1 Funnelkit	1 Funnelkit Checkout	2024-11-21	4.3 Medium
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.
CVE-2023-51649	1 Networktocode	1 Nautobot	2024-11-21	3.5 Low
Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level `extras.run_job` permission is checked (i.e., does the user have permission to run Jobs in general). Object-level permissions (i.e., does the user have permission to run this specific Job?) are not enforced by the URL/view used in this case. A user with permissions to run even a single Job can actually run all configured JobButton Jobs. Fix will be available in Nautobot 1.6.8 and 2.1.0
CVE-2023-51537	1 Awesomesupport	1 Awesome Support Wordpress Helpdesk \& Support	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.5.
CVE-2023-51524	1 Weformspro	1 Weforms	2024-11-21	4.3 Medium
Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.18.
CVE-2023-51523			2024-11-21	4.3 Medium
Missing Authorization vulnerability in WriterSystem WooCommerce Easy Duplicate Product.This issue affects WooCommerce Easy Duplicate Product: from n/a through 0.3.0.7.
CVE-2023-51519	1 Soliloquywp	1 Slider	2024-11-21	4.3 Medium
Missing Authorization vulnerability in Soliloquy Team Slider by Soliloquy.This issue affects Slider by Soliloquy: from n/a through 2.7.2.

« first previous Page 390 of 527. next last »