CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41542
https://notcve.org/view.php?id=CVE-2023-41542
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component. • https://pho3n1x-web.github.io/2023/09/15/CVE-2023-41542%28JeecgBoot_sql%29 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51484 – WordPress Login as User or Customer plugin <= 3.8 - Unauthenticated Account Takeover vulnerability
https://notcve.org/view.php?id=CVE-2023-51484
This makes it possible for unauthenticated attackers to login as another user and escalate their privileges. • https://patchstack.com/database/vulnerability/login-as-customer-or-user/wordpress-login-as-user-or-customer-plugin-3-8-unauthenticated-account-takeover-vulnerability?_s_id=cve • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51424 – WordPress WebinarIgnition plugin <= 3.05.0 - Unauthenticated Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2023-51424
This makes it possible for unauthenticated attackers to escalate their privileges. • https://patchstack.com/database/vulnerability/webinar-ignition/wordpress-webinarignition-plugin-3-05-0-unauthenticated-privilege-escalation-vulnerability?_s_id=cve • CWE-269: Improper Privilege Management CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51398 – WordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.14 - Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2023-51398
This makes it possible for authenticated attackers, with contributor access and above, to escalate their privileges to those of a higher level user. • https://patchstack.com/database/vulnerability/bb-ultimate-addon/wordpress-ultimate-addons-for-beaver-builder-premium-plugin-1-35-14-privilege-escalation-vulnerability?_s_id=cve • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51356 – WordPress ARMember plugin <= 4.0.10 - Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2023-51356
This makes it possible for authenticated attackers, with subscriber access and above, to escalate their privileges. • https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-plugin-4-0-10-privilege-escalation-vulnerability?_s_id=cve • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •