Filtered by CWE-862
Total 5355 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-25703 1 Essentialplugin 1 Meta Slider And Carousel With Lightbox 2024-12-09 5.3 Medium
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Meta slider and carousel with lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meta slider and carousel with lightbox: from n/a through 1.6.2.
CVE-2023-25035 1 Fullworksplugins 1 Quick Contact Form 2024-12-09 6.5 Medium
Missing Authorization vulnerability in Fullworks Quick Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Contact Form : from n/a through 8.0.3.1.
CVE-2023-25026 2024-12-09 4.3 Medium
Missing Authorization vulnerability in PayPal PayPal Brasil para WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PayPal Brasil para WooCommerce: from n/a through 1.4.2.
CVE-2023-23986 2024-12-09 5.4 Medium
Missing Authorization vulnerability in Noah Hearle, Design Extreme Reviews and Rating – Google My Business allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reviews and Rating – Google My Business: from n/a through 4.14.
CVE-2023-23975 1 Fullworksplugins 1 Quick Event Manager 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4.
CVE-2023-23893 1 Ibenic 1 Simple Giveaways 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Igor Benic Simple Giveaways allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Giveaways: from n/a through 2.48.0.
CVE-2023-23887 1 Ibenic 1 Simple Giveaways 2024-12-09 5.3 Medium
Missing Authorization vulnerability in Shaon Easy Google Analytics for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Google Analytics for WordPress: from n/a through 1.6.0.
CVE-2023-23868 2024-12-09 5.4 Medium
Missing Authorization vulnerability in WPFactory Cost of Goods for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost of Goods for WooCommerce: from n/a through 2.8.6.
CVE-2023-23823 2024-12-09 4.3 Medium
Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8.
CVE-2023-23814 2024-12-09 3.8 Low
Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through 1.4.13.
CVE-2023-23716 2024-12-09 4.3 Medium
Missing Authorization vulnerability in Zendesk Zendesk Support for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zendesk Support for WordPress: from n/a through 1.8.4.
CVE-2023-22708 2024-12-09 4.3 Medium
Missing Authorization vulnerability in Karim Salman Kraken.io Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through 2.6.7.
CVE-2024-54227 2024-12-09 4.3 Medium
Missing Authorization vulnerability in theDotstore Minimum and Maximum Quantity for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimum and Maximum Quantity for WooCommerce: from n/a through 2.0.0.
CVE-2024-54254 2024-12-09 6.3 Medium
Missing Authorization vulnerability in Kofi Mokome Message Filter for Contact Form 7.This issue affects Message Filter for Contact Form 7: from n/a through 1.6.3.
CVE-2024-54217 2024-12-09 5.4 Medium
Missing Authorization vulnerability in Repute info systems ARForms.This issue affects ARForms: from n/a through 6.4.1.
CVE-2024-11353 2024-12-09 4.3 Medium
The SMS for Lead Capture Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_message() function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary messages.
CVE-2023-50899 2024-12-09 5.4 Medium
Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through 5.0.2.
CVE-2023-47836 2024-12-09 5.4 Medium
Missing Authorization vulnerability in Prasad Kirpekar WP Meta and Date Remover allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meta and Date Remover: from n/a through 2.3.0.
CVE-2023-50884 1 Lastudio 1 La-studio Element Kit For Elementor 2024-12-09 6.5 Medium
Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.1.5.
CVE-2023-47823 1 Ncrafts 1 Formcraft 2024-12-09 5.3 Medium
Missing Authorization vulnerability in nCrafts FormCraft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FormCraft: from n/a through 1.2.7.