| 2024-10-12 | CVE-2024-9187 | The Read more By Adam plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteRm() function in all versions up to, and including, 1.1.8. | 4.3 |
| 2024-10-12 | CVE-2024-9824 | The ImagePress – Image Gallery plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'ip_delete_post' and 'ip_update_post_title' functions in all versions up to, and including, 1.2.2. | 4.3 |
| 2024-10-12 | CVE-2024-9860 | The Bridge Core plugin for WordPress is vulnerable to unauthorized modification of data or loss of data due to a missing capability check on the 'import_action' and 'install_plugin_per_demo' functions in versions up to, and including, 3.3. | 6.5 |
| 2024-10-11 | CVE-2024-9586 | The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'check_auth' and 'check_logout' functions in versions up to, and including, 1.1.8. | 6.5 |
| 2024-10-11 | CVE-2024-9587 | The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_linkz' function in versions up to, and including, 1.1.8. | 5.4 |
| 2024-10-10 | CVE-2024-48902 | Missing Authorization vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.46677 improper access control allowed users with project update permission to delete applications via API | 5.4 |
| 2024-10-10 | CVE-2024-9067 | Missing Authorization vulnerability in Kainelabs Youzify
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'delete_attachment' function in all versions up to, and including, 1.3.0. | 4.3 |
| 2024-10-10 | CVE-2024-9520 | Missing Authorization vulnerability in Wpuserplus Userplus 1.0/1.1/2.0
The UserPlus plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.0. | 5.4 |
| 2024-10-10 | CVE-2024-8513 | Missing Authorization vulnerability in Quarka QA Analytics
The QA Analytics – Web Analytics Tool with Heatmaps & Session Replay Across All Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_save_plugin_config() function in all versions up to, and including, 4.1.0.0. | 5.3 |
| 2024-10-10 | CVE-2024-9065 | Missing Authorization vulnerability in Matbao WP Helper Premium
The WP Helper Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'whp_smtp_send_mail_test' function in all versions up to, and including, 4.6.1. | 5.3 |