CWE-862 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7893 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-5737	1 Webtoffee	1 Backup And Migration	2024-11-21	4.3 Medium
The WordPress Backup & Migration WordPress plugin before 1.4.4 does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings.
CVE-2023-5525	1 Limitloginattempts	1 Limit Login Attempts Reloaded	2024-11-21	4.3 Medium
The Limit Login Attempts Reloaded WordPress plugin before 2.25.26 is missing authorization on the `toggle_auto_update` AJAX action, allowing any user with a valid nonce to toggle the auto-update status of the plugin.
CVE-2023-5331	1 Mattermost	1 Mattermost Server	2024-11-21	4.3 Medium
Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information.
CVE-2023-5321	1 Hamza417	1 Inure	2024-11-21	5.5 Medium
Missing Authorization in GitHub repository hamza417/inure prior to build94.
CVE-2023-5165	1 Docker	1 Docker Desktop	2024-11-21	7.1 High
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. This issue has been fixed in Docker Desktop 4.23.0. Affected Docker Desktop versions: from 4.13.0 before 4.23.0.
CVE-2023-52275	1 Tecno-mobile	2 Camon X, Camon X Firmware	2024-11-21	2.1 Low
Gallery3d on Tecno Camon X CA7 devices allows attackers to view hidden images by navigating to data/com.android.gallery3d/.privatealbum/.encryptfiles and guessing the correct image file extension.
CVE-2023-52232	1 Booster	1 Booster For Woocommerce	2024-11-21	6.5 Medium
Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2.
CVE-2023-52230	1 Booster	1 Booster For Woocommerce	2024-11-21	6.5 Medium
Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.3.
CVE-2023-52217	1 Wedevs	1 Woocommerce Conversion Tracking	2024-11-21	4.3 Medium
Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11.
CVE-2023-52186	1 Woo	1 Product Vendors	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2.
CVE-2023-52117	1 Metagauss	1 Profilegrid	2024-11-21	4.3 Medium
Missing Authorization vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid: from n/a through 5.6.6.
CVE-2023-51682	1 Ibericode	1 Mailchimp	2024-11-21	5.3 Medium
Missing Authorization vulnerability in ibericode MC4WP.This issue affects MC4WP: from n/a through 4.9.9.
CVE-2023-51680	1 Technovama	1 Quotes For Woocommerce	2024-11-21	4.3 Medium
Missing Authorization vulnerability in TechnoVama Quotes for WooCommerce.This issue affects Quotes for WooCommerce: from n/a through 2.0.1.
CVE-2023-51671	1 Funnelkit	1 Funnelkit Checkout	2024-11-21	5.4 Medium
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.
CVE-2023-51670	1 Funnelkit	1 Funnelkit Checkout	2024-11-21	4.3 Medium
Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.This issue affects FunnelKit Checkout: from n/a through 3.10.3.
CVE-2023-51537	1 Awesomesupport	1 Awesome Support Wordpress Helpdesk \& Support	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.5.
CVE-2023-51524	1 Weformspro	1 Weforms	2024-11-21	4.3 Medium
Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.18.
CVE-2023-51516	1 Businessdirectoryplugin	1 Business Directory	2024-11-21	5.4 Medium
Missing Authorization vulnerability in Business Directory Team Business Directory Plugin.This issue affects Business Directory Plugin: from n/a through 6.3.9.
CVE-2023-51507	1 Expresstech	1 Quiz And Survey Master	2024-11-21	5.3 Medium
Missing Authorization vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.16.
CVE-2023-51497	1 Woocommerce	1 Shipping Multiple Addresses	2024-11-21	5.4 Medium
Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.9.

« first previous Page 320 of 395. next last »