CVE Database

Incorrect Authorization vulnerability in WP Chill Htaccess File Editor htaccess-file-editor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Htaccess File Editor: from n/a through <= 1.0.18.

An issue in the Bluetooth Low Energy implementation of Cypress Bluetooth SDK v3.66 allows attackers to cause a Denial of Service (DoS) via supplying a crafted LL_PAUSE_ENC_REQ packet.

Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through <= 3.12.3.

Missing Authorization vulnerability in ShortPixel ShortPixel Image Optimizer shortpixel-image-optimiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through <= 5.6.3.

Missing Authorization vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP: from n/a through <= 1.1.15.

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials.This issue affects Strong Testimonials: from n/a through <= 3.1.16.

Missing Authorization vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder.This issue affects Elementor Addon Elements: from n/a through <= 1.13.6.

Cross-Site Request Forgery (CSRF) vulnerability in averta Depicter Slider depicter.This issue affects Depicter Slider: from n/a through <= 3.2.2.

Missing Authorization vulnerability in Daniel Iser Popup Maker popup-maker.This issue affects Popup Maker: from n/a through <= 1.19.2.

Missing Authorization vulnerability in Fahad Mahmood WP Datepicker wp-datepicker.This issue affects WP Datepicker: from n/a through <= 2.1.1.

Missing Authorization vulnerability in Magazine3 PWA for WP & AMP pwa-for-wp.This issue affects PWA for WP & AMP: from n/a through <= 1.7.72.

Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded.This issue affects Ads by WPQuads: from n/a through <= 2.0.84.

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.8.

Missing Authorization vulnerability in Kraft Plugins Wheel of Life wheel-of-life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through <= 1.1.8.

Missing Authorization vulnerability in WPDeveloper Templately templately.This issue affects Templately: from n/a through <= 3.1.2.

Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through <= 1.8.0.

Missing Authorization vulnerability in HelloAsso HelloAsso helloasso.This issue affects HelloAsso: from n/a through <= 1.1.10.

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9.

Missing Authorization vulnerability in beardev JoomSport joomsport-sports-league-results-management.This issue affects JoomSport: from n/a through <= 5.6.3.

Missing Authorization vulnerability in truepushplugin Truepush truepush-free-web-push-notifications.This issue affects Truepush: from n/a through <= 1.0.8.

Missing Authorization vulnerability in prasadkirpekar WP Free SSL – Free SSL Certificate for WordPress and force HTTPS wp-free-ssl.This issue affects WP Free SSL – Free SSL Certificate for WordPress and force HTTPS: from n/a through <= 1.2.7.

Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension contact-form-7-campaign-monitor-extension.This issue affects Contact Form 7 Campaign Monitor Extension: from n/a through <= 0.4.67.

Missing Authorization vulnerability in Amir Helzer WooCommerce Multilingual & Multicurrency woocommerce-multilingual.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through <= 5.3.6.

Missing Authorization vulnerability in Stiofan GetPaid invoicing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through <= 2.8.11.

Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6.

Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through <= 5.6.2.

Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration.This issue affects Atarim: from n/a through <= 4.0.1.

Missing Authorization vulnerability in Presto Made, Inc Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Presto Player: from n/a through 3.0.2.

Missing Authorization vulnerability in AyeCode Ltd UsersWP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through 1.2.15.

Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.6.

Missing Authorization vulnerability in icegram Icegram Collect plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram Collect plugin: from n/a through 1.3.14.

Missing Authorization vulnerability in WPBackItUp Backup and Restore WordPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Backup and Restore WordPress: from n/a through 1.50.

Access Control vulnerability in WPBackItUp Backup and Restore WordPress allows . This issue affects Backup and Restore WordPress: from n/a through 1.50.

Missing Authorization vulnerability in Creative Motion Clearfy Cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clearfy Cache: from n/a through 2.2.4.

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through <= 1.5.6.

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through <= 1.5.6.

Missing Authorization vulnerability in MetaBox.Io Meta Box – WordPress Custom Fields Framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meta Box – WordPress Custom Fields Framework: from n/a through 5.9.10.

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics search-analytics.This issue affects WP Search Analytics: from n/a through <= 1.4.9.

Missing Authorization vulnerability in ووکامرس فارسی Persian WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Persian WooCommerce: from n/a through 7.1.6.

Missing Authorization vulnerability in creativemotion Social Slider Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Slider Feed: from n/a through 2.2.2.

Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WpTravelly: from n/a through 1.7.7.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps MailChimp Subscribe Forms allows Stored XSS.This issue affects MailChimp Subscribe Forms : from n/a through 4.0.9.9.

Missing Authorization vulnerability in Bitly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bitly: from n/a through 2.7.2.

Missing Authorization vulnerability in Matt Miller Send Emails with Mandrill send-emails-with-mandrill allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Send Emails with Mandrill: from n/a through <= 1.4.1.

Missing Authorization vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.11.6.

Missing Authorization vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.11.4.

Missing Authorization vulnerability in nCrafts FormCraft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FormCraft: from n/a through 1.2.10.

Missing Authorization vulnerability in BracketSpace Advanced Cron Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.9.

Missing Authorization vulnerability in Ahmed Kaludi, Mohammed Kaludi AMP for WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AMP for WP: from n/a through 1.0.96.1.

Missing Authorization vulnerability in Roundup WP Registrations for the Events Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Registrations for the Events Calendar: from n/a through 2.12.1.