Total
5473 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36425 | 1 Fastlinemedia | 1 Beaver Builder | 2024-11-21 | N/A | 5.4 MEDIUM |
| Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress. | |||||
| CVE-2022-36387 | 1 About-me Project | 1 About-me | 2024-11-21 | N/A | 7.6 HIGH |
| Broken Access Control vulnerability in Alessio Caiazza's About Me plugin <= 1.0.12 at WordPress. | |||||
| CVE-2022-36375 | 1 Oxilab | 1 Responsive Tabs | 2024-11-21 | N/A | 7.2 HIGH |
| Authenticated (high role user) WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin <= 3.6.0 at WordPress. | |||||
| CVE-2022-35242 | 1 59sec | 1 The Leads Management System\ | 2024-11-21 | N/A | 6.5 MEDIUM |
| Unauthenticated plugin settings change vulnerability in 59sec THE Leads Management System: 59sec LITE plugin <= 3.4.1 at WordPress. | |||||
| CVE-2022-35238 | 1 Brinidesigner | 1 Awesome Filterable Portfolio | 2024-11-21 | N/A | 6.5 MEDIUM |
| Unauthenticated Plugin Settings Change vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress. | |||||
| CVE-2022-34868 | 1 Yookassa | 1 Yukassa For Woocommerce | 2024-11-21 | N/A | 8.8 HIGH |
| Authenticated Arbitrary Settings Update vulnerability in YooMoney ЮKassa для WooCommerce plugin <= 2.3.0 at WordPress. | |||||
| CVE-2022-34487 | 1 Oxilab | 1 Shortcode Addons | 2024-11-21 | N/A | 9.8 CRITICAL |
| Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress. | |||||
| CVE-2022-34149 | 1 Miniorange | 1 Wp Oauth Server | 2024-11-21 | N/A | 9.8 CRITICAL |
| Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress. | |||||
| CVE-2022-33970 | 1 Oxilab | 1 Shortcode Addons | 2024-11-21 | N/A | 7.2 HIGH |
| Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress. | |||||
| CVE-2022-33969 | 1 Oxilab | 1 Flipbox | 2024-11-21 | N/A | 7.2 HIGH |
| Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin <= 2.6.0 at WordPress. | |||||
| CVE-2022-33198 | 1 Oxilab | 1 Accordions | 2024-11-21 | N/A | 9.8 CRITICAL |
| Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress. | |||||
| CVE-2022-29444 | 1 Cloudways | 1 Breeze | 2024-11-21 | 3.5 LOW | 6.5 MEDIUM |
| Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability in Cloudways Breeze plugin <= 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wp_ajax_* actions in the class Breeze_Configuration which includes the ability to change any of the plugin's settings including CDN setting which could be further used for XSS attack. | |||||
| CVE-2022-29423 | 1 Edmonsoft | 1 Countdown Builder | 2024-11-21 | 7.5 HIGH | 3.8 LOW |
| Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. | |||||
| CVE-2022-27235 | 1 Supsystic | 1 Social Share Buttons | 2024-11-21 | N/A | 6.3 MEDIUM |
| Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | |||||
| CVE-2022-25649 | 1 Storeapps | 1 Affiliate For Woocommerce | 2024-11-21 | N/A | 5.0 MEDIUM |
| Multiple Improper Access Control vulnerabilities in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress. | |||||
| CVE-2022-23731 | 1 Lg | 1 Webos | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models. | |||||
| CVE-2022-1548 | 1 Mattermost | 1 Playbooks | 2024-11-21 | 6.5 MEDIUM | 3.7 LOW |
| Mattermost Playbooks plugin 1.25 and earlier fails to properly restrict user-level permissions, which allows playbook members to escalate their membership privileges and perform actions restricted to playbook admins. | |||||
| CVE-2022-0237 | 1 Rapid7 | 1 Insight Agent | 2024-11-21 | 7.2 HIGH | 4.0 MEDIUM |
| Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and persistent access to the machine. This issue was fixed in Rapid7 Insight Agent version 3.1.3.80. | |||||
| CVE-2021-36879 | 1 Stylemixthemes | 1 Ulisting | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration. | |||||
| CVE-2021-33036 | 1 Apache | 1 Hadoop | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. | |||||