Export limit exceeded: 11877 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11877 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-39640 | 1 Quadlayers | 1 Wp Social Feed Gallery | 2026-04-15 | 6.5 Medium |
| Missing Authorization vulnerability in QuadLayers WP Social Feed Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Feed Gallery: from n/a through 4.3.9. | ||||
| CVE-2024-39625 | 1 Icegram | 1 Icegram | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24. | ||||
| CVE-2024-39596 | 2026-04-15 | 4.3 Medium | ||
| Due to missing authorization checks, SAP Enable Now allows an author to escalate privileges to access information which should otherwise be restricted. On successful exploitation, the attacker can cause limited impact on confidentiality of the application. | ||||
| CVE-2021-26387 | 2026-04-15 | 3.9 Low | ||
| Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity. | ||||
| CVE-2024-39025 | 2026-04-15 | 7.5 High | ||
| Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data. | ||||
| CVE-2024-3897 | 1 Ays-pro | 1 Popup Box | 2026-04-15 | 5.3 Medium |
| The Popup Box – Best WordPress Popup Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_pb_create_author AJAX action in all versions up to, and including, 4.3.6. This makes it possible for unauthenticated attackers to enumerate all emails registered on the website. | ||||
| CVE-2024-38794 | 1 Mediaron | 1 Custom Query Blocks | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in MediaRon LLC Custom Query Blocks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Custom Query Blocks: from n/a through 5.2.0. | ||||
| CVE-2024-38792 | 1 Conveythis | 1 Language Translate Widget For Wordpress Conveythis | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in ConveyThis Translate Team Language Translate Widget for WordPress – ConveyThis allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Language Translate Widget for WordPress – ConveyThis: from n/a through 234. | ||||
| CVE-2024-38777 | 2026-04-15 | 6.5 Medium | ||
| Missing Authorization vulnerability in CreativeMotion Titan Anti-spam & Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Titan Anti-spam & Security: from n/a through 7.3.6. | ||||
| CVE-2024-38774 | 2 Siteground, Wordpress | 2 Siteground Security, Wordpress | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in SiteGround SiteGround Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through 1.5.0. | ||||
| CVE-2024-38745 | 1 Rymera | 1 Wholesale Suite | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Rymera Web Co Wholesale Suite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Wholesale Suite: from n/a through 2.1.12. | ||||
| CVE-2024-38744 | 1 Upqode | 1 Plum | 2026-04-15 | 8.3 High |
| Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS.This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0. | ||||
| CVE-2024-38743 | 1 Upqode | 1 Plum | 2026-04-15 | 5.3 Medium |
| Access Control vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows . This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0. | ||||
| CVE-2024-38740 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in Packlink Shipping S.L. Packlink PRO shipping module allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Packlink PRO shipping module: from n/a through 3.4.6. | ||||
| CVE-2024-38737 | 2026-04-15 | 5.4 Medium | ||
| Missing Authorization vulnerability in Reservation Diary ReDi Restaurant Reservation allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReDi Restaurant Reservation: from n/a through 24.0422. | ||||
| CVE-2024-37935 | 1 Anhvnit | 1 Woocommerce Openpos | 2026-04-15 | 7.5 High |
| Missing Authorization vulnerability in anhvnit Woocommerce OpenPos allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Woocommerce OpenPos: from n/a through 6.4.4. | ||||
| CVE-2024-37926 | 1 Volkov | 1 Wp Accessibility Helper | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Alex Volkov WP Accessibility Helper (WAH) allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Accessibility Helper (WAH): from n/a through 0.6.2.9. | ||||
| CVE-2024-37921 | 1 Kibokolabs | 1 Chained Quiz | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Kiboko Labs Chained Quiz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chained Quiz: from n/a through 1.3.2.8. | ||||
| CVE-2024-37123 | 1 Vowelweb | 1 Ibtana | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in VowelWeb Ibtana allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ibtana: from n/a through 1.2.3.3. | ||||
| CVE-2024-37106 | 1 Membershipsoftware | 1 Wishlist Member X | 2026-04-15 | 8.2 High |
| Missing Authorization vulnerability in WishList Products WishList Member X allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WishList Member X: from n/a through 3.26.6 | ||||