API - CVE CyberSecurity Database News (Page 110)

Dec 9, 2024 WordPress API

CVE-2023-47760 - Exploiting Missing Authorization in Essential Blocks for Gutenberg (WordPress Plugin)

A critical vulnerability—CVE-2023-47760—was discovered in the popular WordPress plugin Essential Blocks for Gutenberg. This plugin is used by thousands to add custom blocks

Dec 9, 2024 WordPress API Exploit

CVE-2023-32299 - How a Missing Authorization Bug in Ni WooCommerce Sales Report Exposed Your Store Data

--- Introduction In 2023, security researchers discovered a critical vulnerability identified as CVE-2023-32299 in the WordPress plugin Ni WooCommerce Sales Report. This plugin, widely used

Dec 9, 2024 WordPress API PHP Google

CVE-2023-32117 - Exploiting the Missing Authorization in SoftLab Integrate Google Drive (n/a - 1.1.99)

The digital world runs on cloud connectors, but sometimes, integration plugins forget to ask, “Are you allowed in?” That’s exactly what happened with CVE-2023-32117;

Dec 9, 2024 WordPress API Exploit

CVE-2023-47838 - Exploiting Missing Authorization in Conditional Fields for Contact Form 7 (n/a–2.4.1)

On November 22, 2023, CVE-2023-47838 was published, describing a Missing Authorization vulnerability in the popular WordPress plugin, Conditional Fields for Contact Form 7 by Jules

Dec 9, 2024 WordPress API Exploit

CVE-2023-47871 - Exploiting Missing Authorization in IT Path Solutions Contact Form to Any API (up to v1.1.6)

CVE-2023-47871 is a critical security vulnerability affecting the WordPress plugin Contact Form to Any API by IT Path Solutions, versions up to and including 1.