CVE List - 2024 / November
Showing 101 - 200 of 4054 CVEs for November 2024 (Page 2 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-43273 | 2024-11-01 | WordPress Icegram Collect plugin <= 1.3.14 - Broken Access Control vulnerability |
| CVE-2024-43270 | 2024-11-01 | WordPress Backup and Restore WordPress plugin <= 1.50 - Unauthenticated Broken Access Control vulnerability |
| CVE-2024-43268 | 2024-11-01 | WordPress Backup and Restore WordPress plugin <= 1.50 - Broken Access Control vulnerability |
| CVE-2024-43260 | 2024-11-01 | WordPress Clearfy Cache plugin <= 2.2.4 - Broken Access Control vulnerability |
| CVE-2024-43254 | 2024-11-01 | WordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerability |
| CVE-2024-43253 | 2024-11-01 | WordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerability |
| CVE-2024-43235 | 2024-11-01 | WordPress Meta Box plugin <= 5.9.10 - Broken Access Control vulnerability |
| CVE-2024-43229 | 2024-11-01 | WordPress WP Search Analytics plugin <= 1.4.9 - Broken Access Control vulnerability |
| CVE-2024-43223 | 2024-11-01 | WordPress EventPrime plugin <= 4.0.3.2 - Broken Access Control vulnerability |
| CVE-2024-43219 | 2024-11-01 | WordPress Persian WooCommerce plugin <= 7.1.6 - Broken Access Control vulnerability |
| CVE-2024-43215 | 2024-11-01 | WordPress Social Slider Feed plugin <= 2.2.2 - Broken Access Control vulnerability |
| CVE-2024-43212 | 2024-11-01 | WordPress WpTravelly plugin <= 1.7.7 - Broken Access Control vulnerability |
| CVE-2024-43211 | 2024-11-01 | WordPress MailChimp Subscribe Form plugin <=4.0.9.9 - Stored Cross-Site Scripting vulnerability |
| CVE-2024-43209 | 2024-11-01 | WordPress Bitly's WordPress Plugin plugin <= 2.7.2 - Broken Access Control vulnerability |
| CVE-2024-43208 | 2024-11-01 | WordPress Send Emails with Mandrill plugin <= 1.4.1 - Broken Access Control vulnerability |
| CVE-2024-43162 | 2024-11-01 | WordPress Easy Digital Downloads plugin <= 3.2.12 - Broken Access Control vulnerability |
| CVE-2024-43159 | 2024-11-01 | WordPress Masteriyo LMS plugin <= 1.11.6 - Broken Access Control vulnerability |
| CVE-2024-43158 | 2024-11-01 | WordPress Masteriyo LMS plugin <= 1.11.4 - Broken Access Control vulnerability |
| CVE-2024-43157 | 2024-11-01 | WordPress FormCraft plugin <= 1.2.10 - Broken Access Control vulnerability |
| CVE-2024-43154 | 2024-11-01 | WordPress Advanced Cron Manager – debug & control plugin <= 2.5.9 - Broken Access Control vulnerability |
| CVE-2024-43146 | 2024-11-01 | WordPress Accelerated Mobile Pages plugin <= 1.0.96.1 - Broken Access Control vulnerability |
| CVE-2024-43143 | 2024-11-01 | WordPress Registrations for the Events Calendar plugin <= 2.12.1 - Broken Access Control vulnerability |
| CVE-2024-43142 | 2024-11-01 | WordPress Tutor LMS plugin <= 2.7.3 - Broken Access Control vulnerability |
| CVE-2024-43136 | 2024-11-01 | WordPress Sunshine Photo Cart plugin <= 3.2.1 - Broken Access Control vulnerability |
| CVE-2024-43134 | 2024-11-01 | WordPress Waitlist Woocommerce plugin <= 2.6 - Broken Access Control vulnerability |
| CVE-2024-43122 | 2024-11-01 | WordPress Robin image optimizer plugin <= 1.6.9 - Broken Access Control vulnerability |
| CVE-2024-43120 | 2024-11-01 | WordPress TypeSquare Webfonts plugin <= 2.0.7 - Broken Access Control vulnerability |
| CVE-2024-43119 | 2024-11-01 | WordPress Aruba HiSpeed Cache plugin <= 2.0.12 - Broken Access Control vulnerability |
| CVE-2024-43118 | 2024-11-01 | WordPress Hummingbird plugin <= 3.9.1 - Broken Access Control vulnerability |
| CVE-2024-39664 | 2024-11-01 | WordPress Filter & Grids plugin <= 2.8.32 - Broken Authentication vulnerability |
| CVE-2024-39654 | 2024-11-01 | WordPress Sign-up Sheets plugin <= 2.2.12 - Broken Access Control vulnerability |
| CVE-2024-39650 | 2024-11-01 | WordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Multiple Vulnerabilities |
| CVE-2024-39640 | 2024-11-01 | WordPress Social Feed Gallery plugin <= 4.3.9 - Broken Access Control vulnerability |
| CVE-2024-39639 | 2024-11-01 | WordPress File Upload plugin <= 4.24.7 - Broken Access Control + CSRF vulnerability |
| CVE-2024-39635 | 2024-11-01 | WordPress Youzify plugin <= 1.2.6 - Broken Access Control vulnerability |
| CVE-2024-39625 | 2024-11-01 | WordPress Icegram Engage plugin <= 3.1.24 - Unauthenticated Message Duplication Vulnerability |
| CVE-2024-38794 | 2024-11-01 | WordPress Custom Query Blocks plugin <= 5.2.0 - Broken Access Control vulnerability |
| CVE-2024-38792 | 2024-11-01 | WordPress ConveyThis Translate plugin <= 234 - Non-arbitrary Options Update vulnerability |
| CVE-2024-38783 | 2024-11-01 | WordPress Arconix FAQ plugin <= 1.9.4 - Broken Access Control vulnerability |
| CVE-2024-38777 | 2024-11-01 | WordPress Titan Anti-spam & Security plugin <= 7.3.6 - Broken Access Control vulnerability |
| CVE-2024-38774 | 2024-11-01 | WordPress Security Optimizer plugin <= 1.5.0 - Broken Access Control vulnerability |
| CVE-2024-38771 | 2024-11-01 | WordPress Atarim plugin <= 4.0 - Broken Access Control vulnerability |
| CVE-2024-38769 | 2024-11-01 | WordPress Arconix Shortcodes plugin <= 2.1.11 - Broken Access Control vulnerability |
| CVE-2024-38748 | 2024-11-01 | WordPress EleForms plugin <= 2.9.9.9 - Broken Access Control vulnerability |
| CVE-2024-38745 | 2024-11-01 | WordPress Wholesale Suite plugin <= 2.1.12 - Broken Access Control vulnerability |
| CVE-2024-38744 | 2024-11-01 | WordPress Plum: Spin Wheel & Email Pop-up plugin <= 2.0 - Broken Access Control to Unauth Stored XSS vulnerability |
| CVE-2024-38743 | 2024-11-01 | WordPress Plum: Spin Wheel & Email Pop-up plugin <= 2.0 - Broken Access Control vulnerability |
| CVE-2024-38740 | 2024-11-01 | WordPress Packlink PRO shipping module plugin <= 3.4.6 - Broken Access Control vulnerability |
| CVE-2024-38737 | 2024-11-01 | WordPress ReDi Restaurant Reservation plugin <= 24.0422 - Broken Access Control vulnerability |
| CVE-2024-38733 | 2024-11-01 | WordPress Meks Video Importer plugin <= 1.0.12 - Broken Access Control vulnerability |
| CVE-2024-38727 | 2024-11-01 | WordPress Seraphinite Post .DOCX Source plugin <= 2.16.9 - Broken Access Control vulnerability |
| CVE-2024-38726 | 2024-11-01 | WordPress Product Designer plugin <= 1.0.33 - Arbitrary Content Deletion vulnerability |
| CVE-2024-38721 | 2024-11-01 | WordPress EazyDocs plugin <= 2.5.0 - Broken Access Control vulnerability |
| CVE-2024-38719 | 2024-11-01 | WordPress Auto Featured Image plugin <= 4.1.2 - Broken Access Control vulnerability |
| CVE-2024-38714 | 2024-11-01 | WordPress WP Fast Total Search <= 1.68.232 - Broken Access Control vulnerability |
| CVE-2024-38707 | 2024-11-01 | WordPress EmbedPress plugin <= 4.0.4 - Broken Access Control vulnerability |
| CVE-2024-38702 | 2024-11-01 | WordPress Product Delivery Date for WooCommerce – Lite plugin <= 2.7.2 - Broken Access Control vulnerability |
| CVE-2024-38695 | 2024-11-01 | WordPress WP GoToWebinar plugin <= 15.6 - Broken Access Control vulnerability |
| CVE-2024-38690 | 2024-11-01 | WordPress iPanorama 360 plugin <= 1.8.3 - Broken Access Control vulnerability |
| CVE-2024-37929 | 2024-11-01 | WordPress User Activity Log Pro plugin <= 2.3.4 - Subscriber+ Multiple Broken Access Control vulnerability |
| CVE-2024-37926 | 2024-11-01 | WordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.9 - Broken Access Control vulnerability |
| CVE-2024-37921 | 2024-11-01 | WordPress Chained Quiz plugin <= 1.3.2.8 - Broken Access Control vulnerability |
| CVE-2024-37517 | 2024-11-01 | WordPress Spectra plugin <= 2.13.7 - Broken Access Control vulnerability |
| CVE-2024-37516 | 2024-11-01 | WordPress Featured Image from URL (FIFU) plugin <= 4.8.2 - Broken Access Control vulnerability |
| CVE-2024-37510 | 2024-11-01 | WordPress Donation Forms by Charitable plugin <= 1.8.1.7 - Broken Access Control vulnerability |
| CVE-2024-37506 | 2024-11-01 | WordPress Donation Forms by Charitable plugin <= 1.8.1.7 - Broken Access Control vulnerability |
| CVE-2024-37505 | 2024-11-01 | WordPress Business One Page theme <= 1.2.9 - Broken Access Control on Notice Dismissal vulnerability |
| CVE-2024-37483 | 2024-11-01 | WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability |
| CVE-2024-37482 | 2024-11-01 | WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability |
| CVE-2024-37481 | 2024-11-01 | WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability |
| CVE-2024-37477 | 2024-11-01 | WordPress Newspack Content Converter plugin <= 0.1.5 - Broken Access Control vulnerability |
| CVE-2024-37475 | 2024-11-01 | WordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerability |
| CVE-2024-37470 | 2024-11-01 | WordPress Woffice Core plugin <= 5.4.8 - Unauthenticated Broken Access Control vulnerability |
| CVE-2024-37468 | 2024-11-01 | WordPress Newsmatic theme <= 1.3.1 - Broken Access Control vulnerability |
| CVE-2024-37463 | 2024-11-01 | WordPress CRM Perks Forms plugin <= 1.1.5 - Broken Access Control vulnerability |
| CVE-2024-37456 | 2024-11-01 | WordPress Simple Newsletter Plugin – Noptin plugin <= 3.4.2 - Broken Access Control vulnerability |
| CVE-2024-37453 | 2024-11-01 | WordPress ProfileGrid – User Profiles, Groups and Communities plugin <= 5.8.7 - Broken Access Control vulnerability |
| CVE-2024-37444 | 2024-11-01 | WordPress Defender plugin <= 4.7.1 - Broken Access Control vulnerability |
| CVE-2024-37443 | 2024-11-01 | WordPress WP Job Manager plugin <= 2.1.0 - Broken Access Control vulnerability |
| CVE-2024-37440 | 2024-11-01 | WordPress Church Admin plugin <= 4.4.4 - Broken Access Control vulnerability |
| CVE-2024-37439 | 2024-11-01 | WordPress Uncanny Toolkit Pro for LearnDash plugin < 4.1.4.1 - Subscriber+ Arbitrary Post/Page Duplication vulnerability |
| CVE-2024-37427 | 2024-11-01 | WordPress Timetics plugin <= 1.0.21 - Broken Access Control vulnerability |
| CVE-2024-37425 | 2024-11-01 | WordPress Newspack Blocks plugin <= 3.0.8 - Broken Access Control vulnerability |
| CVE-2024-37423 | 2024-11-01 | WordPress Newspack Blocks plugin <= 3.0.8 - Contributor+ Arbitrary Directory Deletion vulnerability |
| CVE-2024-37415 | 2024-11-01 | WordPress E2Pdf plugin <= 1.20.27 - Broken Access Control vulnerability |
| CVE-2024-37411 | 2024-11-01 | WordPress Progress Planner plugin <= 0.9.1 - Broken Access Control vulnerability |
| CVE-2024-37277 | 2024-11-01 | WordPress Paid Memberships Pro plugin <= 3.0.4 - Insecure Direct Object References (IDOR) vulnerability |
| CVE-2024-37276 | 2024-11-01 | WordPress Featured Image from URL (FIFU) plugin <= 4.8.1 - Broken Access Control vulnerability |
| CVE-2024-37269 | 2024-11-01 | WordPress Masterstudy Elementor Widgets plugin <= 1.2.2 - Unauthenticated Broken Access Control vulnerability |
| CVE-2024-37255 | 2024-11-01 | WordPress ElementsKit Lite plugin <= 3.1.4 - Unauthenticated Broken Access Control vulnerability |
| CVE-2024-37254 | 2024-11-01 | WordPress WP File Manager plugin <= 7.2.7 - Broken Access Control vulnerability |
| CVE-2024-37232 | 2024-11-01 | WordPress Hercules Core plugin <= 6.5 - Subscriber+ Arbitrary Settings Change/Access vulnerability |
| CVE-2024-37226 | 2024-11-01 | WordPress Kanban Boards for WordPress plugin <= 2.5.21 - Broken Access Control vulnerability |
| CVE-2024-37220 | 2024-11-01 | WordPress Optinly plugin <= 1.0.18 - Broken Access Control vulnerability |
| CVE-2024-37218 | 2024-11-01 | WordPress Page Builder Sandwich <= 5.1.0 - Broken Access Control vulnerability |
| CVE-2024-37214 | 2024-11-01 | WordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - Broken Access Control to XSS vulnerability |
| CVE-2024-37207 | 2024-11-01 | WordPress Demo Awesome plugin <= 1.0.2 - Broken Access Control vulnerability |
| CVE-2024-37204 | 2024-11-01 | WordPress PropertyHive plugin <= 2.0.9 - Broken Access Control vulnerability |
| CVE-2024-37203 | 2024-11-01 | WordPress Laybuy Payment Extension for WooCommerce plugin <= 5.3.9 - Broken Access Control vulnerability |
| CVE-2024-37201 | 2024-11-01 | WordPress Woocommerce Customers Order History plugin <= 5.2.2 - Broken Access Control vulnerability |