CVE List - 2024 / December
Showing 1801 - 1900 of 3433 CVEs for December 2024 (Page 19 of 35)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-37989 | 2024-12-13 | WordPress Easyship WooCommerce Shipping Rates plugin <= 0.9.0 - Broken Access Control vulnerability |
| CVE-2023-38383 | 2024-12-13 | WordPress Language plugin <= 1.2.1 - Broken Access Control vulnerability |
| CVE-2023-38385 | 2024-12-13 | WordPress Jupiter X Core plugin <= 3.3.0 - Multiple Auth. Broken Access Control vulnerability |
| CVE-2023-38475 | 2024-12-13 | WordPress Donations Made Easy – Smart Donations plugin <= 4.0.12 - Broken Access Control vulnerability |
| CVE-2023-38477 | 2024-12-13 | WordPress QR code MeCard/vCard generator plugin <= 1.6.0 - Broken Access Control vulnerability |
| CVE-2023-38479 | 2024-12-13 | WordPress Simple Googlebot Visit plugin <= 1.2.4 - Broken Access Control vulnerability |
| CVE-2023-38480 | 2024-12-13 | WordPress Booster Elementor Addons plugin <= 1.4.9 - Broken Access Control vulnerability |
| CVE-2023-38483 | 2024-12-13 | WordPress Instant CSS plugin <= 1.1.4 - Broken Access Control vulnerability |
| CVE-2023-38514 | 2024-12-13 | WordPress Social Share Icons & Social Share Buttons plugin <= 3.5.7 - Broken Access Control vulnerability |
| CVE-2023-39305 | 2024-12-13 | WordPress Yet Another Stars Rating plugin <= 3.4.3 - Broken Access Control vulnerability |
| CVE-2023-39920 | 2024-12-13 | WordPress Redirection for Contact Form 7 plugin <= 2.9.2 - Broken Access Control vulnerability |
| CVE-2023-39995 | 2024-12-13 | WordPress Portfolio and Projects plugin <= 1.3.7 - Broken Access Control vulnerability |
| CVE-2023-39996 | 2024-12-13 | WordPress Accordion and Accordion Slider plugin <= 1.2.4 - Broken Access Control |
| CVE-2023-39997 | 2024-12-13 | WordPress Popup by Supsystic plugin <= 1.10.19 - Broken Access Control Vulnerability |
| CVE-2023-40001 | 2024-12-13 | WordPress iThemes Sync plugin <= 2.1.13 - Broken Access Control vulnerability |
| CVE-2023-40003 | 2024-12-13 | WordPress WP Project Manager plugin <= 2.6.7 - Broken Access Control vulnerability |
| CVE-2023-40005 | 2024-12-13 | WordPress Easy Digital Downloads plugin <= 3.1.5 - Broken Access Control |
| CVE-2023-40011 | 2024-12-13 | WordPress Cost Calculator Builder plugin <= 3.1.42 - Broken Access Control vulnerability |
| CVE-2023-40203 | 2024-12-13 | WordPress MailChimp Forms by MailMunch plugin <= 3.1.4 - Broken Access Control |
| CVE-2023-40213 | 2024-12-13 | WordPress Justified Gallery plugin <= 1.7.3 - Broken Access Control vulnerability |
| CVE-2023-40331 | 2024-12-13 | WordPress Accordion Slider plugin <= 1.9.6 - Broken Access Control vulnerability |
| CVE-2023-40334 | 2024-12-13 | WordPress HUSKY – Products Filter for WooCommerce Professional plugin <= 1.3.4.2 - Broken Access Control vulnerability |
| CVE-2023-40670 | 2024-12-13 | WordPress ReviewX plugin <= 1.6.17 - Broken Access Control vulnerability |
| CVE-2023-40678 | 2024-12-13 | WordPress Simple URLs plugin <= 117 - Broken Access Control vulnerability |
| CVE-2023-41130 | 2024-12-13 | WordPress Premmerce User Roles plugin <= 1.0.12 - Broken Access Control vulnerability |
| CVE-2023-41132 | 2024-12-13 | WordPress Category Slider for WooCommerce plugin <= 1.4.15 - Broken Access Control vulnerability |
| CVE-2023-41133 | 2024-12-13 | WordPress Secure Admin IP plugin <= 2.0 - IP Spoofing vulnerability |
| CVE-2023-41649 | 2024-12-13 | WordPress Ovic Product Bundle plugin <= 1.1.2 - Broken Access Control vulnerability |
| CVE-2023-41664 | 2024-12-13 | WordPress Easy Newsletter Signups plugin <= 1.0.4 - Broken Access Control vulnerability |
| CVE-2023-41671 | 2024-12-13 | WordPress Abandoned Cart Lite for WooCommerce plugin <= 5.16.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-41683 | 2024-12-13 | WordPress TelSender plugin <= 1.14.11 - Broken Access Control + CSRF vulnerability |
| CVE-2023-41686 | 2024-12-13 | WordPress Woocommerce Support System plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-41688 | 2024-12-13 | WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 1.5 - Broken Access Control vulnerability |
| CVE-2023-41689 | 2024-12-13 | WordPress Post to Google My Business (Google Business Profile) plugin <= 3.1.14 - Broken Access Control vulnerability |
| CVE-2023-41690 | 2024-12-13 | WordPress WiserNotify Social Proof plugin <= 2.5 - Broken Access Control vulnerability |
| CVE-2023-41695 | 2024-12-13 | WordPress Analytify plugin <= 5.1.0 - Broken Access Control vulnerability |
| CVE-2023-41802 | 2024-12-13 | WordPress Super Socializer plugin <= 7.13.54 - Broken Access Control vulnerability |
| CVE-2023-41803 | 2024-12-13 | WordPress BitPay Checkout for WooCommerce plugin <= 4.1.0 - Broken Access Control vulnerability |
| CVE-2023-41848 | 2024-12-13 | WordPress Carousel Slider plugin <= 2.2.2 - Broken Access Control vulnerability |
| CVE-2023-41849 | 2024-12-13 | WordPress Posts Like Dislike plugin <= 1.1.0 - Broken Access Control vulnerability |
| CVE-2023-41857 | 2024-12-13 | WordPress Click To Tweet plugin <= 2.0.14 - Broken Access Control vulnerability |
| CVE-2023-41862 | 2024-12-13 | WordPress VS Contact Form plugin <= 14.0 - Sum Captcha Bypass vulnerability |
| CVE-2023-41865 | 2024-12-13 | WordPress Slider Pro plugin <= 4.8.6 - Broken Access Control vulnerability |
| CVE-2023-41866 | 2024-12-13 | WordPress Automatic YouTube Gallery plugin <= 2.3.3 - Broken Access Control vulnerability |
| CVE-2023-41869 | 2024-12-13 | WordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.4 - Broken Access Control vulnerability |
| CVE-2023-41870 | 2024-12-13 | WordPress WP Crowdfunding plugin <= 2.1.5 - Broken Access Control vulnerability |
| CVE-2023-41873 | 2024-12-13 | WordPress SAML Single Sign On – SSO Login plugin <= 5.0.4 - Broken Access Control vulnerability |
| CVE-2023-41875 | 2024-12-13 | WordPress WP Directory Kit plugin <= 1.2.6 - Broken Access Control vulnerability |
| CVE-2023-41951 | 2024-12-13 | WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.6.14 - Broken Access Control vulnerability |
| CVE-2023-41952 | 2024-12-13 | WordPress Fluent Forms plugin <= 5.0.8 - Broken Access Control vulnerability |
| CVE-2023-44142 | 2024-12-13 | WordPress Inactive Logout plugin <= 3.2.2 - Broken Access Control vulnerability |
| CVE-2023-44147 | 2024-12-13 | WordPress Comment Blacklist Updater plugin <= 1.1.0 - Broken Access Control vulnerability |
| CVE-2023-44149 | 2024-12-13 | WordPress Brands for WooCommerce plugin <= 3.8.2.2 - Broken Access Control vulnerability |
| CVE-2024-54231 | 2024-12-13 | WordPress Ni WooCommerce Order Export plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54233 | 2024-12-13 | WordPress Advanced Control Manager plugin <= 2.16.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54234 | 2024-12-13 | WordPress Limit Login Attempts plugin <= 5.5 - SQL Injection vulnerability |
| CVE-2024-54235 | 2024-12-13 | WordPress Shiptimize for WooCommerce plugin <= 3.1.86 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54236 | 2024-12-13 | WordPress Ni WooCommerce Bulk Product Editor plugin <= 1.4.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54237 | 2024-12-13 | WordPress Ni CRM Lead plugin <= 1.3.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54238 | 2024-12-13 | WordPress Board Document Manager from CHUHPL plugin <= 1.9.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54239 | 2024-12-13 | WordPress Eyewear prescription form plugin <= 4.0.18 - Arbitrary Option Update to Privilege Escalation vulnerability |
| CVE-2024-54240 | 2024-12-13 | WordPress Blaze Online eParcel for WooCommerce plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54241 | 2024-12-13 | WordPress Elite Notification plugin 1.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54242 | 2024-12-13 | WordPress Simple Notification plugin <= 1.3 - Broken Access Control vulnerability |
| CVE-2024-54243 | 2024-12-13 | WordPress Echoza plugin <= 0.1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54244 | 2024-12-13 | WordPress Easy Replace plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54245 | 2024-12-13 | WordPress Clients plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54246 | 2024-12-13 | WordPress FAQs plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54248 | 2024-12-13 | WordPress Eewee Admin Custom plugin <= 1.8.2.4 - CSRF to Privilege Escalation vulnerability |
| CVE-2024-54250 | 2024-12-13 | WordPress Prodigy Commerce plugin <= 3.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54252 | 2024-12-13 | WordPress Pinpoint Booking System Plugin <= 2.9.9.5.2 - Broken Access Control vulnerability |
| CVE-2024-54256 | 2024-12-13 | WordPress Easy Blocks pro plugin <= 1.0.21 - Broken Access Control vulnerability |
| CVE-2024-54258 | 2024-12-13 | WordPress Ni CRM Lead plugin <= 1.3.0 - SQL Injection vulnerability |
| CVE-2024-54259 | 2024-12-13 | WordPress DELUCKS SEO plugin <= 2.5.5 - Arbitrary File Download vulnerability |
| CVE-2024-54261 | 2024-12-13 | WordPress TAX SERVICE Electronic HDM plugin <= 1.1.2 - SQL Injection vulnerability |
| CVE-2024-54262 | 2024-12-13 | WordPress Import Export For WooCommerce plugin <= 1.5 - Arbitrary File Upload vulnerability |
| CVE-2024-54264 | 2024-12-13 | WordPress Shortcodes Blocks Creator Ultimate plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54265 | 2024-12-13 | WordPress Barcode Scanner and Inventory manager plugin <= 1.6.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54266 | 2024-12-13 | WordPress ImageRecycle pdf & image compression plugin <= 3.1.16 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54267 | 2024-12-13 | WordPress CM Answers plugin <= 3.2.6 - Broken Access Control vulnerability |
| CVE-2024-54268 | 2024-12-13 | WordPress SiteOrigin Widgets Bundle plugin <= 1.64.0 - Broken Access Control vulnerability |
| CVE-2024-54271 | 2024-12-13 | WordPress WPCargo Track & Trace plugin <= 7.0.6 - Settings Change vulnerability |
| CVE-2024-54272 | 2024-12-13 | WordPress Radius Blocks plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54273 | 2024-12-13 | WordPress Mail Picker plugin <= 1.0.14 - PHP Object Injection vulnerability |
| CVE-2024-54274 | 2024-12-13 | WordPress Octrace Support plugin <= 1.2.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54275 | 2024-12-13 | WordPress CSV to html plugin <= 3.04 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54276 | 2024-12-13 | WordPress Poll Builder plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54277 | 2024-12-13 | WordPress Nias course plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54278 | 2024-12-13 | WordPress News Ticker for Elementor plugin <= 2.1.3 - Broken Access Control vulnerability |
| CVE-2024-54282 | 2024-12-13 | WordPress WP Mega Menu plugin <= 1.4.2 - PHP Object Injection vulnerability |
| CVE-2024-54286 | 2024-12-13 | WordPress Smaily for WP plugin <= 3.1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54287 | 2024-12-13 | WordPress Advanced Blog Post Block plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54288 | 2024-12-13 | WordPress LDD Directory Lite plugin <= 3.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54289 | 2024-12-13 | WordPress Awesome Support plugin <= 6.3.0 - Broken Access Control vulnerability |
| CVE-2024-54290 | 2024-12-13 | WordPress Role Includer plugin <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54292 | 2024-12-13 | WordPress Appsplate plugin <= 2.1.3 - SQL Injection vulnerability |
| CVE-2024-54293 | 2024-12-13 | WordPress CE21 Suite plugin <= 2.2.0 - Privilege Escalation vulnerability |
| CVE-2024-54294 | 2024-12-13 | WordPress Firebase OTP Authentication plugin <= 1.0.1 - Account Takeover vulnerability |
| CVE-2024-54295 | 2024-12-13 | WordPress ListApp Mobile Manager plugin <= 1.7.7 - Account Takeover vulnerability |
| CVE-2024-54296 | 2024-12-13 | WordPress CoSchool LMS plugin <= 1.2 - Account Takeover vulnerability |