Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-12-09 CVE-2023-23715 Missing Authorization vulnerability in Ultimatemember Jobboardwp
Missing Authorization vulnerability in JobBoardWP JobBoardWP – Job Board Listings and Submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobBoardWP – Job Board Listings and Submissions: from n/a through 1.2.2.
network
low complexity
ultimatemember CWE-862
8.8
2024-12-09 CVE-2023-23825 Missing Authorization vulnerability in Brainstormforce Spectra
Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0.
network
low complexity
brainstormforce CWE-862
8.8
2024-12-09 CVE-2023-23834 Missing Authorization vulnerability in Brainstormforce Spectra
Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0.
network
low complexity
brainstormforce CWE-862
critical
9.8
2024-12-09 CVE-2023-23895 Missing Authorization vulnerability in Codepeople WP Time Slots Booking Form
Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through 1.1.82.
network
low complexity
codepeople CWE-862
7.2
2024-12-09 CVE-2023-24407 Missing Authorization vulnerability in Wpdevart Booking Calendar
Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3.
network
low complexity
wpdevart CWE-862
8.8
2024-12-09 CVE-2023-29429 Unspecified vulnerability in Wpeverest User Registration
Missing Authorization vulnerability in WPEverest User Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Registration: from n/a through 2.3.2.1.
network
low complexity
wpeverest
5.3
2024-12-09 CVE-2023-30748 Cross-site Scripting vulnerability in Easy-Appointments Easy Appointments
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikola Loncar Easy Appointments allows Stored XSS.This issue affects Easy Appointments: from n/a through 3.10.7.
network
low complexity
easy-appointments CWE-79
6.1
2024-12-09 CVE-2023-30873 Missing Authorization vulnerability in Androidbubble WP Docs
Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8.
network
low complexity
androidbubble CWE-862
8.8
2024-12-09 CVE-2023-47760 Missing Authorization vulnerability in Wpdeveloper Essential Blocks
Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through 4.2.0.
network
low complexity
wpdeveloper CWE-862
8.8
2024-12-09 CVE-2023-47805 Unspecified vulnerability in Themewinter Wpcafe
Missing Authorization vulnerability in Themewinter WPCafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through 2.2.22.
network
low complexity
themewinter
critical
9.8