| 2024-10-10 | CVE-2024-9685 | Missing Authorization vulnerability in Andreamarinucci Notification for Telegram
The Notification for Telegram plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the 'nftb_test_action' function in versions up to, and including, 3.3.1. | 4.3 |
| 2024-10-08 | CVE-2024-8431 | The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajaxGetGalleryJson() function in all versions up to, and including, 3.2.21. | 4.3 |
| 2024-10-05 | CVE-2024-9161 | The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'update_metadata' function in all versions up to, and including, 1.0.228. | 6.5 |
| 2024-10-04 | CVE-2024-47768 | Missing Authorization vulnerability in Lifplatforms LIF Authentication Server
Lif Authentication Server is a server used by Lif to do various tasks regarding Lif accounts. | 8.1 |
| 2024-10-02 | CVE-2024-20438 | Missing Authorization vulnerability in Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller
A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. | 5.4 |
| 2024-10-02 | CVE-2024-20442 | Missing Authorization vulnerability in Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. | 5.4 |
| 2024-10-02 | CVE-2024-20477 | Missing Authorization vulnerability in Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the affected REST API endpoint. | 5.4 |
| 2024-10-01 | CVE-2024-8430 | The Spice Starter Sites plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the spice_starter_sites_importer_creater function in all versions up to, and including, 1.2.5. | 5.3 |
| 2024-10-01 | CVE-2024-8548 | The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on several functions in all versions up to, and including, 1.6.6. | 8.1 |
| 2024-10-01 | CVE-2024-8632 | The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'kbs_ajax_load_front_end_replies' and 'kbs_ajax_mark_reply_as_read' functions in all versions up to, and including, 1.6.6. | 6.5 |