VYPR

CVEs

100,081 total · page 688 of 2,002

  • CVE-2024-33556HigMay 17, 2024
    risk 0.53cvss 8.2epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8.

  • CVE-2023-41957HigMay 17, 2024
    risk 0.56cvss 8.6epss 0.01

    Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through 4.3.4.

  • CVE-2023-41956HigMay 17, 2024
    risk 0.57cvss 8.8epss 0.01

    Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.3.4.

  • CVE-2023-41955HigMay 17, 2024
    risk 0.57cvss 8.8epss 0.01

    Improper Privilege Management vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation.This issue affects Essential Addons for Elementor: from n/a through 5.8.8.

  • CVE-2023-41954HigMay 17, 2024
    risk 0.56cvss 8.6epss 0.01

    Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1.

  • CVE-2023-41665HigMay 17, 2024
    risk 0.57cvss 8.8epss 0.01

    Improper Privilege Management vulnerability in GiveWP allows Privilege Escalation.This issue affects GiveWP: from n/a through 2.33.0.

  • CVE-2023-41243HigMay 17, 2024
    risk 0.57cvss 8.8epss 0.01

    Improper Privilege Management vulnerability in WPvivid Team WPvivid Backup and Migration allows Privilege Escalation.This issue affects WPvivid Backup and Migration: from n/a through 0.9.90.

  • CVE-2023-39163HigMay 17, 2024
    risk 0.56cvss 8.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Shop allows PHP Local File Inclusion.This issue affects Phlox Shop: from n/a through 2.0.0.

  • CVE-2023-38399HigMay 17, 2024
    risk 0.56cvss 8.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1.

  • CVE-2023-37888HigMay 17, 2024
    risk 0.49cvss 7.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in By Averta Shortcodes and extra features for Phlox theme allows PHP Local File Inclusion.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.14.0.

  • CVE-2023-37866HigMay 17, 2024
    risk 0.47cvss 7.2epss 0.01

    Improper Privilege Management vulnerability in Crocoblock JetFormBuilder allows Privilege Escalation.This issue affects JetFormBuilder: from n/a through 3.0.8.

  • CVE-2023-37389HigMay 17, 2024
    risk 0.57cvss 8.8epss 0.01

    Improper Privilege Management vulnerability in SAASPROJECT Booking Package Booking Package allows Privilege Escalation.This issue affects Booking Package: from n/a through 1.5.98.

  • CVE-2023-37385HigMay 17, 2024
    risk 0.47cvss 7.3epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.5.6.

  • CVE-2023-35881HigMay 17, 2024
    risk 0.49cvss 7.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WooCommerce WooCommerce One Page Checkout allows PHP Local File Inclusion.This issue affects WooCommerce One Page Checkout: from n/a through 2.3.0.

  • CVE-2023-32110HigMay 17, 2024
    risk 0.49cvss 7.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in artbees JupiterX allows PHP Local File Inclusion.This issue affects JupiterX: from n/a through 3.0.0.

  • CVE-2023-26526HigMay 17, 2024
    risk 0.50cvss 7.7epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Nota-Info Bookly allows Path Traversal, Manipulating Web Input to File System Calls.This issue affects Bookly: from n/a through 21.7.1.

  • CVE-2023-25050HigMay 17, 2024
    risk 0.46cvss 7.1epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vova Anokhin Shortcodes Ultimate allows Absolute Path Traversal.This issue affects Shortcodes Ultimate: from n/a through 5.12.6.

  • CVE-2023-23990HigMay 17, 2024
    risk 0.49cvss 7.6epss 0.01

    Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.This issue affects Redirection for Contact Form 7: from n/a through 2.7.0.

  • CVE-2023-23988HigMay 17, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authorization vulnerability in Joseph C Dolson My Tickets.This issue affects My Tickets: from n/a through 1.9.11.

  • CVE-2023-23888HigMay 17, 2024
    risk 0.49cvss 7.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rank Math Rank Math SEO allows Path Traversal.This issue affects Rank Math SEO: from n/a through 1.0.107.2.

  • CVE-2023-23700HigMay 17, 2024
    risk 0.49cvss 7.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OceanWP allows PHP Local File Inclusion.This issue affects OceanWP: from n/a through 3.4.1.

  • CVE-2022-45374HigMay 17, 2024
    risk 0.50cvss 7.7epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in YARPP allows PHP Local File Inclusion.This issue affects YARPP: from n/a through 5.30.4.

  • CVE-2022-45368HigMay 17, 2024
    risk 0.50cvss 7.7epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Lenderd 1003 Mortgage Application allows Relative Path Traversal.This issue affects 1003 Mortgage Application: from n/a through 1.75.

  • CVE-2024-34752HigMay 17, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PluginOps Landing Page Builder allows Reflected XSS.This issue affects Landing Page Builder: from n/a through 1.5.1.8.

  • CVE-2024-30060HigMay 16, 2024
    risk 0.51cvss 7.8epss 0.00

    Azure Monitor Agent Elevation of Privilege Vulnerability

  • CVE-2024-24981HigMay 16, 2024
    risk 0.49cvss 7.5epss 0.00

    Improper input validation in PfrSmiUpdateFw driver in UEFI firmware for some Intel(R) Server M50FCP Family products may allow a privileged user to enable escalation of privilege via local access.

  • CVE-2024-23980HigMay 16, 2024
    risk 0.49cvss 7.5epss 0.00

    Improper buffer restrictions in PlatformPfrDxe driver in UEFI firmware for some Intel(R) Server D50FCP Family products may allow a privileged user to enable escalation of privilege via local access.

  • CVE-2024-23487HigMay 16, 2024
    risk 0.49cvss 7.5epss 0.00

    Improper input validation in UserAuthenticationSmm driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access.

  • CVE-2024-22382HigMay 16, 2024
    risk 0.49cvss 7.5epss 0.00

    Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access.

  • CVE-2024-22095HigMay 16, 2024
    risk 0.47cvss 7.2epss 0.00

    Improper input validation in PlatformVariableInitDxe driver in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access.

  • CVE-2024-21864HigMay 16, 2024
    risk 0.51cvss 7.8epss 0.00

    Improper neutralization in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.5081 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent network access.

  • CVE-2024-21823HigMay 16, 2024
    risk 0.49cvss 7.5epss 0.00

    Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access

  • CVE-2024-21813HigMay 16, 2024
    risk 0.51cvss 7.9epss 0.00

    Exposure of resource to wrong sphere in some Intel(R) DTT software installers may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-46691HigMay 16, 2024
    risk 0.51cvss 7.9epss 0.00

    Use after free in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-46689HigMay 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Improper neutralization in Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-45745HigMay 16, 2024
    risk 0.51cvss 7.9epss 0.00

    Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2023-45217HigMay 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-43748HigMay 16, 2024
    risk 0.51cvss 7.8epss 0.00

    Improper access control in some Intel(R) GPA Framework software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-43629HigMay 16, 2024
    risk 0.51cvss 7.8epss 0.00

    Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-42773HigMay 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Improper neutralization in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-41092HigMay 16, 2024
    risk 0.49cvss 7.6epss 0.00

    Unchecked return value in SDM firmware for Intel(R) Stratix 10 and Intel(R) Agilex 7 FPGAs before version 23.3 may allow an authenticated user to potentially enable denial of service via adjacent access.

  • CVE-2023-40071HigMay 16, 2024
    risk 0.47cvss 7.3epss 0.00

    Improper access control in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-40070HigMay 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Improper access control in some Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-38654HigMay 16, 2024
    risk 0.53cvss 8.2epss 0.00

    Improper input validation for some some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2023-38581HigMay 16, 2024
    risk 0.57cvss 8.8epss 0.00

    Buffer overflow in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-28402HigMay 16, 2024
    risk 0.47cvss 7.2epss 0.00

    Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2023-27504HigMay 16, 2024
    risk 0.47cvss 7.2epss 0.00

    Improper conditions check in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2023-24460HigMay 16, 2024
    risk 0.53cvss 8.2epss 0.00

    Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2022-37410HigMay 16, 2024
    risk 0.46cvss 7.0epss 0.00

    Improper access control for some Intel(R) Thunderbolt driver software before version 89 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2022-37341HigMay 16, 2024
    risk 0.47cvss 7.2epss 0.00

    Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.