NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:May 17, 2024, 8:35 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
51	-	-	-	-	Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.3.2. New	CWE-290 Authentication Bypass by Spoofing	CVE-2024-21746	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

52	-	-	-	-	Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Inv… New	CWE-269 Improper Privilege Management	CVE-2023-51546	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

53	-	-	-	-	Improper Privilege Management vulnerability in Glowlogix WP Frontend Profile allows Privilege Escalation.This issue affects WP Frontend Profile: from n/a through 1.3.1. New	CWE-269 Improper Privilege Management	CVE-2023-51483	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

54	-	-	-	-	Improper Privilege Management vulnerability in powerfulwp Local Delivery Drivers for WooCommerce allows Privilege Escalation.This issue affects Local Delivery Drivers for WooCommerce: from n/a throug… New	CWE-269 Improper Privilege Management	CVE-2023-51481	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

55	-	-	-	-	Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. New	CWE-269 Improper Privilege Management	CVE-2023-51479	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

56	-	-	-	-	Improper Privilege Management vulnerability in IOSS WP MLM Unilevel allows Privilege Escalation.This issue affects WP MLM Unilevel: from n/a through 4.0. New	CWE-269 Improper Privilege Management	CVE-2023-51476	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

57	-	-	-	-	Improper Privilege Management vulnerability in Saleswonder Team WebinarIgnition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 3.05.0. New	CWE-269 Improper Privilege Management	CVE-2023-51424	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

58	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects U… New	CWE-22 Path Traversal	CVE-2023-51401	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

59	-	-	-	-	Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Privilege Escalation.This issue affects Ultimate Addons for Beaver Builder: from n/a through … New	-	CVE-2023-51398	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

60	-	-	-	-	Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10. New	CWE-269 Improper Privilege Management	CVE-2023-51356	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

61	-	-	-	-	Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.20. New	CWE-269 Improper Privilege Management	CVE-2023-50890	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

62	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spoonthemes Adifier System allows PHP Local File Inclusion.This issue affects Adifier System: from n/a … New	CWE-22 Path Traversal	CVE-2023-49753	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

63	-	-	-	-	Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4. New	CWE-269 Improper Privilege Management	CVE-2023-48757	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

64	-	-	-	-	Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows Privilege Escalation.This issue affects Salon booking system: from n/a through 8.6. New	CWE-269 Improper Privilege Management	CVE-2023-48319	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

65	-	-	-	-	Improper Privilege Management vulnerability in wpForo wpForo Forum allows Privilege Escalation.This issue affects wpForo Forum: from n/a through 2.2.3. New	CWE-269 Improper Privilege Management	CVE-2023-47868	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

66	-	-	-	-	Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0. New	CWE-269 Improper Privilege Management	CVE-2023-47782	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

67	-	-	-	-	Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Privilege Escalation.This issue affects WordPress Social Logi… New	CWE-269 Improper Privilege Management	CVE-2023-47683	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

68	-	-	-	-	Improper Privilege Management vulnerability in weDevs WP User Frontend allows Privilege Escalation.This issue affects WP User Frontend: from n/a through 3.6.5. New	CWE-269 Improper Privilege Management	CVE-2023-47682	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

69	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons F… New	CWE-22 Path Traversal	CVE-2023-47679	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

70	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows PHP Local File Inclusion.This issue affect… New	-	CVE-2023-47178	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

71	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Abs… New	CWE-22 CWE-918 Path Traversal Server-Side Request Forgery (SSRF)	CVE-2023-46784	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

72	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows PHP Local File Inclusion.This issue a… New	CWE-22 Path Traversal	CVE-2023-46205	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

73	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: … New	CWE-22 Path Traversal	CVE-2023-46197	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

74	-	-	-	-	Improper Privilege Management vulnerability in Themify Themify Ultra allows Privilege Escalation.This issue affects Themify Ultra: from n/a through 7.3.5. New	CWE-269 Improper Privilege Management	CVE-2023-46145	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

75	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Justin Silver Remote Content Shortcode allows PHP Local File Inclusion.This issue affects Remote Conten… New	CWE-22 Path Traversal	CVE-2023-45652	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

76	-	-	-	-	Cross-Site Request Forgery (CSRF) vulnerability in WP Hive Events Rich Snippets for Google allows Exploitation of Trusted Credentials.This issue affects Events Rich Snippets for Google: from n/a thro… New	CWE-352 Origin Validation Error	CVE-2023-44478	2024-05-17 18:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

77	-	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0. New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-32700	2024-05-17 18:15	2024-05-15	Show	GitHub Exploit DB Packet Storm

78	-	-	-	-	Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress Pro allows Removing Important Client Functionality.This issue affects LoginPress Pro: from n/a before … Update	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2024-32676	2024-05-17 18:15	2024-04-25	Show	GitHub Exploit DB Packet Storm

79	-	-	-	-	A reflected XSS vulnerability has been found in YzmCMS 7.1. The vulnerability exists in yzmphp/core/class/application.class.php: when logged-in users access a malicious link, their cookies can be cap… New	-	CVE-2024-35110	2024-05-17 17:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

80	-	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8. New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-33556	2024-05-17 16:16	2024-05-17	Show	GitHub Exploit DB Packet Storm

81	-	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in Copymatic Copymatic – AI Content Writer & Generator.This issue affects Copymatic – AI Content Writer & Generator: from n/a through 1.6. New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-31351	2024-05-17 16:16	2024-05-17	Show	GitHub Exploit DB Packet Storm

82	-	-	-	-	Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through 4.3.4. New	CWE-269 Improper Privilege Management	CVE-2023-41957	2024-05-17 16:16	2024-05-17	Show	GitHub Exploit DB Packet Storm

83	-	-	-	-	Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.3.4. New	CWE-287 Improper Authentication	CVE-2023-41956	2024-05-17 16:16	2024-05-17	Show	GitHub Exploit DB Packet Storm

84	-	-	-	-	Improper Privilege Management vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation.This issue affects Essential Addons for Elementor: from n/a through 5.8.8. New	CWE-269 Improper Privilege Management	CVE-2023-41955	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

85	-	-	-	-	Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1. New	-	CVE-2023-41954	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

86	-	-	-	-	Improper Privilege Management vulnerability in GiveWP allows Privilege Escalation.This issue affects GiveWP: from n/a through 2.33.0. New	CWE-269 Improper Privilege Management	CVE-2023-41665	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

87	-	-	-	-	Improper Privilege Management vulnerability in WPvivid Team WPvivid Backup and Migration allows Privilege Escalation.This issue affects WPvivid Backup and Migration: from n/a through 0.9.90. New	CWE-269 Improper Privilege Management	CVE-2023-41243	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

88	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Shop allows PHP Local File Inclusion.This issue affects Phlox Shop: from n/a through 2.0.0. New	-	CVE-2023-39163	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

89	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a thr… New	CWE-22 Path Traversal	CVE-2023-38399	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

90	-	-	-	-	Improper Privilege Management vulnerability in HasThemes HT Mega allows Privilege Escalation.This issue affects HT Mega: from n/a through 2.2.0. New	CWE-269 Improper Privilege Management	CVE-2023-37999	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

91	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in By Averta Shortcodes and extra features for Phlox theme allows PHP Local File Inclusion.This issue affe… New	CWE-22 Path Traversal	CVE-2023-37888	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

92	-	-	-	-	Improper Privilege Management vulnerability in Crocoblock JetFormBuilder allows Privilege Escalation.This issue affects JetFormBuilder: from n/a through 3.0.8. New	CWE-269 Improper Privilege Management	CVE-2023-37866	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

93	-	-	-	-	Improper Privilege Management vulnerability in SAASPROJECT Booking Package Booking Package allows Privilege Escalation.This issue affects Booking Package: from n/a through 1.5.98. New	CWE-269 Improper Privilege Management	CVE-2023-37389	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

94	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a throu… New	CWE-22 Path Traversal	CVE-2023-37385	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

95	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WooCommerce WooCommerce One Page Checkout allows PHP Local File Inclusion.This issue affects WooCommerc… New	CWE-22 Path Traversal	CVE-2023-35881	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

96	-	-	-	-	Missing Authorization vulnerability in Imran Sayed Headless CMS.This issue affects Headless CMS: from n/a through 2.0.3. New	CWE-862 Missing Authorization	CVE-2023-34186	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

97	-	-	-	-	Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 2.8.6. New	CWE-862 Missing Authorization	CVE-2023-33321	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

98	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Valiano Unite Gallery Lite allows PHP Local File Inclusion.This issue affects Unite Gallery Lite: from … New	CWE-22 Path Traversal	CVE-2023-33310	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

99	-	-	-	-	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in LWS LWS Affiliation allows PHP Local File Inclusion.This issue affects LWS Affiliation: from n/a throug… New	CWE-22 Path Traversal	CVE-2023-32297	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm

100	-	-	-	-	Improper Privilege Management vulnerability in XTemos Woodmart Core allows Privilege Escalation.This issue affects Woodmart Core: from n/a through 1.0.36. New	-	CVE-2023-32244	2024-05-17 16:15	2024-05-17	Show	GitHub Exploit DB Packet Storm