CVE List - 2024 / December
Showing 801 - 900 of 3433 CVEs for December 2024 (Page 9 of 35)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-12358 | 2024-12-09 | WeiYe-Jing datax-web add os command injection |
| CVE-2024-12359 | 2024-12-09 | code-projects Admin Dashboard vendor_management.php cross site scripting |
| CVE-2024-12360 | 2024-12-09 | code-projects Online Class and Exam Scheduling System class_update.php sql injection |
| CVE-2024-9651 | 2024-12-09 | Contact Form Plugin by Fluent Forms < 5.2.1 - Admin+ Stored XSS |
| CVE-2024-12305 | 2024-12-09 | Object-Level Access Control Vulnerability Allows Unauthorized Access to Student Grades in Unifiedtransform |
| CVE-2024-12306 | 2024-12-09 | Access Control Vulnerabilities Allow Unauthorized Access to User Profiles in Unifiedtransform |
| CVE-2024-12307 | 2024-12-09 | Function-Level Access Control Vulnerability Allows Unauthorized Modification of Student Data in Unifiedtransform |
| CVE-2024-46901 | 2024-12-09 | Apache Subversion: mod_dav_svn denial-of-service via control characters in paths |
| CVE-2023-49845 | 2024-12-09 | WordPress Redirects plugin <= 1.2.1 - Broken Access Control vulnerability |
| CVE-2023-51362 | 2024-12-09 | WordPress myStickyElements plugin <= 2.1.3 - Broken Access Control vulnerability |
| CVE-2023-51359 | 2024-12-09 | WordPress Essential Blocks plugin <= 4.2.0 - Multiple Contributor+ Broken Access Control vulnerability |
| CVE-2023-51360 | 2024-12-09 | WordPress Essential Blocks plugin <= 4.2.0 - Multiple Subscriber+ Broken Access Control vulnerability |
| CVE-2023-51357 | 2024-12-09 | WordPress Track Google Analytics 4, Facebook Pixel & Conversions API via Google Tag Manager for WooCommerce plugin <= 6.5.0 - Broken Access Control vulnerability |
| CVE-2023-51355 | 2024-12-09 | WordPress MultiVendorX plugin <= 4.0.23 - Broken Access Control vulnerability |
| CVE-2023-51353 | 2024-12-09 | WordPress Popup by Supsystic plugin <= 1.10.19 - Broken Access Control vulnerability |
| CVE-2023-50904 | 2024-12-09 | WordPress Poll Maker plugin <= 4.8.0 - Broken Access Control vulnerability |
| CVE-2023-50903 | 2024-12-09 | WordPress Metform Elementor Contact Form Builder plugin <= 3.4.0 - Broken Access Control vulnerability |
| CVE-2023-50899 | 2024-12-09 | WordPress Product Catalog Enquiry for WooCommerce by MultiVendorX plugin <= 5.0.2 - Broken Access Control vulnerability |
| CVE-2023-50887 | 2024-12-09 | WordPress User Feedback plugin <= 1.0.10 - Broken Access Control vulnerability |
| CVE-2023-50884 | 2024-12-09 | WordPress LA-Studio Element Kit for Elementor plugin <= 1.1.5 - Broken Access Control vulnerability |
| CVE-2023-50882 | 2024-12-09 | WordPress ProfilePress plugin <= 4.13.2 - Broken Access Control vulnerability |
| CVE-2023-50876 | 2024-12-09 | WordPress Molongui plugin <= 4.7.3 - Broken Access Control vulnerability |
| CVE-2023-50877 | 2024-12-09 | WordPress Product Filter by WBW plugin <= 2.5.0 - Broken Access Control vulnerability |
| CVE-2023-50375 | 2024-12-09 | WordPress Translate WordPress – Google Language Translator plugin <= 6.0.19 - Broken Access Control vulnerability |
| CVE-2023-50373 | 2024-12-09 | WordPress Alt Manager plugin <= 1.6.1 - Broken Access Control vulnerability |
| CVE-2023-49857 | 2024-12-09 | WordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerability |
| CVE-2023-49856 | 2024-12-09 | WordPress Smart Forms plugin <= 2.6.84 - Authenticated Arbitrary Options Change Vulnerability |
| CVE-2023-49851 | 2024-12-09 | WordPress Square Thumbnails plugin <= 1.1.1 - Broken Access Control + CSRF vulnerability |
| CVE-2023-49850 | 2024-12-09 | WordPress WP Simple HTML Sitemap plugin <= 2.7 - Broken Access Control vulnerability |
| CVE-2023-49849 | 2024-12-09 | WordPress Shortcoder plugin <= 6.3 - Broken Access Control vulnerability |
| CVE-2023-49848 | 2024-12-09 | WordPress Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy plugin <= 2.1.1 - Broken Access Control vulnerability |
| CVE-2023-49858 | 2024-12-09 | WordPress Custom Login plugin <= 4.1.0 - Broken Access Control vulnerability |
| CVE-2023-49835 | 2024-12-09 | WordPress Post Duplicator plugin <= 2.31 - Broken Access Control vulnerability |
| CVE-2023-49859 | 2024-12-09 | WordPress Login With Ajax plugin <= 4.1 - Broken Access Control vulnerability |
| CVE-2023-49832 | 2024-12-09 | WordPress Site Reviews plugin <= 6.10.2 - Broken Access Control vulnerability |
| CVE-2023-49831 | 2024-12-09 | WordPress RegistrationMagic plugin <= 5.2.3.0 - Broken Access Control vulnerability |
| CVE-2023-49861 | 2024-12-09 | WordPress Social Media Feather plugin <= 2.1.3 - Broken Access Control vulnerability |
| CVE-2023-49818 | 2024-12-09 | WordPress Webflow Pages plugin <= 1.0.8 - Broken Access Control vulnerability |
| CVE-2023-49817 | 2024-12-09 | WordPress Flexible Woocommerce Checkout Field Editor plugin <= 2.0.1 - Broken Access Control vulnerability |
| CVE-2023-49758 | 2024-12-09 | WordPress WP Booking System plugin <= 2.0.19.2 - Broken Access Control vulnerability |
| CVE-2023-49757 | 2024-12-09 | WordPress Awesome Support plugin <= 6.1.10 - Broken Access Control + CSRF vulnerability |
| CVE-2023-49755 | 2024-12-09 | WordPress Elementor Timeline Widget plugin <= 2.2 - Notice Dismissal Vulnerability |
| CVE-2023-49756 | 2024-12-09 | WordPress Eventin plugin <= 3.3.52 - Authenticated Notice Dismissal Vulnerability |
| CVE-2023-49754 | 2024-12-09 | WordPress Bulk Edit Post Titles plugin <= 5.0.0 - Broken Access Control vulnerability |
| CVE-2023-49196 | 2024-12-09 | WordPress Pagelayer plugin <= 1.7.7 - Broken Access Control vulnerability |
| CVE-2023-49194 | 2024-12-09 | WordPress Importify (Dropshipping WooCommerce) plugin <= 1.0.4 - Sensitive Data Exposure vulnerability |
| CVE-2023-49193 | 2024-12-09 | WordPress Grow Social plugin <= 1.30.0 - Broken Access Control vulnerability |
| CVE-2023-49192 | 2024-12-09 | WordPress Enhanced Text Widget plugin <= 1.6.3 - Broken Access Control vulnerability |
| CVE-2023-49167 | 2024-12-09 | WordPress Database for CF7 plugin <= 1.2.4 - Broken Access Control vulnerability |
| CVE-2023-49158 | 2024-12-09 | WordPress LadiApp plugin <= 4.4 - Broken Access Control lead to XSS vulnerability |
| CVE-2023-49156 | 2024-12-09 | WordPress GoDaddy Email Marketing plugin <= 1.4.3 - Broken Access Control vulnerability |
| CVE-2023-49154 | 2024-12-09 | WordPress Button Generator – easily Button Builder plugin <= 2.3.8 - Broken Access Control vulnerability |
| CVE-2023-48779 | 2024-12-09 | WordPress 360 Javascript Viewer plugin <= 1.7.11 - Broken Access Control vulnerability |
| CVE-2023-48776 | 2024-12-09 | WordPress canvasio3D Light plugin <= 2.5.0 - Broken Access Control vulnerability |
| CVE-2023-48774 | 2024-12-09 | WordPress IdeaPush plugin < 8.58 - Broken Access Control vulnerability |
| CVE-2023-48750 | 2024-12-09 | WordPress Void Elementor Post Grid Addon for Elementor Page builder plugin <= 2.1.10 - Broken Access Control vulnerability |
| CVE-2023-48740 | 2024-12-09 | WordPress Easy Social Feed plugin <= 6.5.1 - Broken Access Control vulnerability |
| CVE-2023-48332 | 2024-12-09 | WordPress Mail Bank – #1 Mail SMTP Plugin for WordPress plugin <= 4.0.14 - Broken Access Control vulnerability |
| CVE-2023-48324 | 2024-12-09 | WordPress Awesome Support HelpDesk plugin <= 6.1.4 - Broken Access control vulnerability |
| CVE-2023-48287 | 2024-12-09 | WordPress TextMe SMS plugin <= 1.9.0 - Broken Access Control vulnerability |
| CVE-2023-48286 | 2024-12-09 | WordPress Accept Stripe Payments plugin <= 2.0.79 - Broken Access Control vulnerability |
| CVE-2023-48274 | 2024-12-09 | WordPress WCMultiShipping plugin <= 2.3.5 - Broken Access Control vulnerability |
| CVE-2023-47871 | 2024-12-09 | WordPress Contact Form to Any API plugin <= 1.1.6 - Broken Access Control vulnerability |
| CVE-2023-47869 | 2024-12-09 | WordPress wpForo plugin <= 2.2.5 - Broken Access Control + CSRF vulnerability |
| CVE-2023-47849 | 2024-12-09 | WordPress BlossomThemes Email Newsletter plugin <= 2.2.4 - Broken Access Control vulnerability |
| CVE-2023-47847 | 2024-12-09 | WordPress PayTR Taksit Tablosu plugin <= 1.3.1 - Broken Access Control vulnerability |
| CVE-2023-47841 | 2024-12-09 | WordPress Analytify plugin <= 5.1.1 - Broken Access Control vulnerability |
| CVE-2023-47838 | 2024-12-09 | WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.1 - Broken Access Control vulnerability |
| CVE-2023-47836 | 2024-12-09 | WordPress WP Meta and Date Remover plugin <= 2.3.0 - Broken Access Control vulnerability |
| CVE-2023-47832 | 2024-12-09 | WordPress SearchIQ plugin <= 4.4 - Broken Access Control vulnerability |
| CVE-2023-47830 | 2024-12-09 | WordPress Live Preview for Contact Form 7 plugin <= 1.2.0 - Broken Access Control vulnerability |
| CVE-2023-47826 | 2024-12-09 | WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability |
| CVE-2023-47823 | 2024-12-09 | WordPress FormCraft – Contact Form Builder for WordPress plugin <= 1.2.7 - Broken Access Control vulnerability |
| CVE-2023-47822 | 2024-12-09 | WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 4.10 - Broken Access Control vulnerability |
| CVE-2023-47820 | 2024-12-09 | WordPress WP Like Button plugin <= 1.7.0 - Broken Access Control vulnerability |
| CVE-2023-47805 | 2024-12-09 | WordPress WPCafe plugin <= 2.2.22 - Broken Access Control vulnerability |
| CVE-2023-47793 | 2024-12-09 | WordPress Acme Fix Images plugin <= 1.0.0 - Broken Access Control vulnerability |
| CVE-2023-47780 | 2024-12-09 | WordPress EasyAzon – Amazon Associates Affiliate Plugin plugin <= 5.1.0 - Broken Access Control vulnerability |
| CVE-2023-47776 | 2024-12-09 | WordPress miniorange otp verification plugin <= 4.2.1 - Broken Access Control vulnerability |
| CVE-2023-47764 | 2024-12-09 | WordPress Ditty plugin <= 3.1.24 - Broken Access Control vulnerability |
| CVE-2023-47763 | 2024-12-09 | WordPress WP Custom Admin Interface plugin <= 7.31 - Broken Access Control vulnerability |
| CVE-2023-47762 | 2024-12-09 | WordPress BetterDocs plugin <= 2.5.2 - Broken Access Control vulnerability |
| CVE-2023-47761 | 2024-12-09 | WordPress Simple 301 Redirects by BetterLinks plugin <= 2.0.7 - Broken Access Control vulnerability |
| CVE-2023-47760 | 2024-12-09 | WordPress Essential Blocks plugin <= 4.2.0 - Broken Access Control vulnerability |
| CVE-2023-47756 | 2024-12-09 | WordPress Welcome Email Editor plugin <= 5.0.6 - Broken Access Control vulnerability |
| CVE-2023-47698 | 2024-12-09 | WordPress Japanized For WooCommerce plugin <= 2.6.4 - Multiple Broken Access Control vulnerability |
| CVE-2023-47694 | 2024-12-09 | WordPress Mini Cart Drawer For WooCommerce plugin <= 4.0.0 - Broken Access Control vulnerability |
| CVE-2023-32299 | 2024-12-09 | WordPress Ni WooCommerce Sales Report plugin <= 3.7.3 - Broken Access Control vulnerability |
| CVE-2023-32293 | 2024-12-09 | WordPress WRC Pricing Tables plugin <= 2.3.7 - Broken Access Control vulnerability |
| CVE-2023-32126 | 2024-12-09 | WordPress SALERT plugin <= 1.2.1 - Broken Access Control vulnerability |
| CVE-2023-32117 | 2024-12-09 | WordPress Integrate Google Drive plugin <= 1.1.99 - Unauthenticated Broken Access Control vulnerability |
| CVE-2023-32094 | 2024-12-09 | WordPress Extended Post Status plugin <= 1.0.19 - Broken Access Control vulnerability |
| CVE-2023-31214 | 2024-12-09 | WordPress WP Quick Post Duplicator plugin <= 2.0 - Broken Access Control vulnerability |
| CVE-2023-31073 | 2024-12-09 | WordPress Shortcode to display post and user data plugin <= 1.2.0 - Broken Access Control vulnerability |
| CVE-2023-30873 | 2024-12-09 | WordPress WP Docs plugin <= 1.9.8 - Broken Access Control |
| CVE-2023-30870 | 2024-12-09 | WordPress Sharkdropship for AliExpress Dropship and Affiliate plugin <= 2.2.3 - Multiple Broken Access Control vulnerabilities |
| CVE-2023-30783 | 2024-12-09 | WordPress Smart WooCommerce Search plugin <= 2.5.0 - Broken Access Control |
| CVE-2023-30748 | 2024-12-09 | WordPress Easy Appointments plugin <= 3.10.7 - Auth. Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2023-30488 | 2024-12-09 | WordPress Featured Post Creative plugin <= 1.2.7 - Broken Access Control vulnerability |
| CVE-2023-30486 | 2024-12-09 | WordPress Square theme <= 2.0.0 - Broken Access Control |