Lista CVE 2023/34xxx

CVE nel gruppo: 34xxx

CVE-2023-34000 (N/A)

CVE-2023-34001 (WordPress WooCommerce Stripe Payment Gateway Plugin <= 7.4.0 is vulnerable to Insecure Direct Object References (IDOR))

CVE-2023-34002 (WordPress Hide My WP Ghost – Security Plugin plugin <= 5.0.25 - Captcha Bypass vulnerability)

CVE-2023-34003 (WordPress WP Inventory Manager Plugin <= 2.1.0.13 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-34004 (WordPress WooCommerce Box Office plugin <= 1.1.51 - Unauthenticated Save Ticket Barcode vulnerability)

CVE-2023-34005 (WordPress WooCommerce Box Office Plugin <= 1.1.50 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-34006 (WordPress Front End Users Plugin <= 3.2.24 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-34007 (WordPress Telegram Bot & Channel Plugin <= 3.6.2 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-34008 (WordPress Download Monitor Plugin <= 4.8.3 is vulnerable to Arbitrary File Upload)

CVE-2023-34009 (WordPress WP ERP Plugin <= 1.12.3 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-34010 (WordPress Social Media Share Buttons & Social Sharing Icons plugin <= 2.8.1 - Broken Access Control + CSRF)

CVE-2023-34011 (WordPress Media Library Assistant Plugin <= 3.0.7 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-34012 (WordPress ShopConstruct Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-34013 (WordPress Premium Addons PRO Plugin <= 2.8.24 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-34014 (WordPress Poll Maker Plugin <= 4.6.2 is vulnerable to Server Side Request Forgery (SSRF))

CVE-2023-34015 (WordPress Grid Plus plugin <= 1.3.2 - Broken Access Control vulnerability)

CVE-2023-34017 (WordPress Advanced Flat rate shipping Woocommerce Plugin <= 1.6.4.4 is vulnerable to Cross Site Request Forgery (CSRF))

CVE-2023-34018 (WordPress Five Star Restaurant Reservations Plugin <= 2.6.7 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-34019 (WordPress SoundCloud Shortcode Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS))

CVE-2023-34020 (WordPress Uncanny Toolkit for LearnDash plugin <= 3.6.4.3 - Broken Access Control vulnerability)