Security Vulnerabilities - CVEs Published In June 2024
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0 could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of user permission. By sending a specially crafted request, an attacker could exploit this vulnerability to change its settings, trigger backups, restore backups, and also delete all previous backups via log rotation. IBM X-Force ID: 294994.
CVSS Score
7.7
EPSS Score
0.0
Published
2024-06-19
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through 1.7.5.
CVSS Score
7.1
EPSS Score
0.006
Published
2024-06-19
Missing Authorization vulnerability in Premium Addons Premium Addons PRO.This issue affects Premium Addons PRO: from n/a through 2.9.0.
CVSS Score
6.5
EPSS Score
0.004
Published
2024-06-19
Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
CVSS Score
5.4
EPSS Score
0.003
Published
2024-06-19
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through 3.2.5.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-06-19
Missing Authorization vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 1.2.3.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-06-19
Missing Authorization vulnerability in Wpmet Elements kit Elementor addons.This issue affects Elements kit Elementor addons: from n/a through 2.9.0.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-06-19
Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 27.1.1.
CVSS Score
8.2
EPSS Score
0.001
Published
2024-06-19
Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25.
CVSS Score
7.6
EPSS Score
0.002
Published
2024-06-19
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-06-19