| 2024-11-15 | CVE-2024-10311 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Cmorillas1 External Database Based Actions 0.1
The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.1. | 8.8 |
| 2024-11-13 | CVE-2024-11028 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Icdsoft Multimanager WP
The MultiManager WP – Manage All Your WordPress Sites Easily plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. | 9.8 |
| 2024-11-12 | CVE-2024-10245 | The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. network low complexity CWE-288 critical | 9.8 |
| 2024-10-29 | CVE-2024-9988 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Odude Crypto Tool
The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. | 9.8 |
| 2024-10-29 | CVE-2024-9989 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Odude Crypto Tool
The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. | 9.8 |
| 2024-10-29 | CVE-2024-50334 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Erudika Scoold
Scoold is a Q&A and a knowledge sharing platform for teams. | 5.3 |
| 2024-10-28 | CVE-2024-10438 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Sun.Net Ehdr Ctms
The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain functionalities. | 7.5 |
| 2024-10-26 | CVE-2024-9501 | The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.0.7. network low complexity CWE-288 critical | 9.8 |
| 2024-10-26 | CVE-2024-9890 | The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.3. | 8.8 |
| 2024-10-26 | CVE-2024-9930 | The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. network low complexity CWE-288 critical | 9.8 |