Security Vulnerabilities - CVEs Published In May 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Elementor Elementor Website Builder allows Manipulating Web Input to File System Calls.This issue affects Elementor Website Builder: from n/a through 3.19.0.
CVSS Score
8.5
EPSS Score
0.012
Published
2024-05-17
Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through 4.4.1.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-05-17
Improper Privilege Management vulnerability in Masteriyo LMS allows Privilege Escalation.This issue affects LMS: from n/a through 1.7.2.
CVSS Score
9.8
EPSS Score
0.005
Published
2024-05-17
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8.
CVSS Score
7.5
EPSS Score
0.014
Published
2024-05-17
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Injection.This issue affects Formidable Forms: from n/a through 6.7.
CVSS Score
5.3
EPSS Score
0.003
Published
2024-05-17
Improper Privilege Management vulnerability in InstaWP Team InstaWP Connect allows Privilege Escalation.This issue affects InstaWP Connect: from n/a through 0.1.0.8.
CVSS Score
8.8
EPSS Score
0.139
Published
2024-05-17
Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.3.2.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-05-17
Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.2.1.
CVSS Score
7.2
EPSS Score
0.001
Published
2024-05-17
Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-05-17
Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Privilege Escalation.This issue affects Ultimate Addons for Beaver Builder: from n/a through 1.35.14.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-05-17