Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18893

18893 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2024-5614 Piotnet Addons For Elementor <= 2.4.29 - Unauthenticated Sensitive Information Exposure — Piotnet Addons For ElementorCWE-200 5.3 Medium2024-07-27
CVE-2024-6569 Campaign Monitor for WordPress <= 2.8.15 - Unauthenticated Full Path Disclosure — Campaign Monitor for WordPressCWE-200 5.3 Medium2024-07-27
CVE-2024-5969 AIomatic - Automatic AI Content Writer <= 2.0.5 - Unauthenticated Arbitrary Email Sending — Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI ToolkitCWE-20 5.8 Medium2024-07-27
CVE-2024-6546 One Click Close Comments <= 2.7.1 - Unauthenticated Full Path Disclosure — One Click Close CommentsCWE-200 5.3 Medium2024-07-27
CVE-2024-6566 Aramex Shipping WooCommerce <= 1.1.21 - Unauthenticated Full Path Disclosure — Aramex Shipping WooCommerceCWE-200 5.3 Medium2024-07-27
CVE-2024-6549 Admin Post Navigation <= 2.1 - Unauthenticated Full Path Disclosure — Admin Post NavigationCWE-200 5.3 Medium2024-07-27
CVE-2024-6573 Intelligence <= 1.4.0 - Unauthenticated Full Path Disclosure — IntelligenceCWE-200 5.3 Medium2024-07-27
CVE-2024-6545 Admin Trim Interface <= 3.5.1 - Unauthenticated Full Path Disclosure — Admin Trim InterfaceCWE-200 5.3 Medium2024-07-27
CVE-2024-6548 Add Admin JavaScript <= 2.0 - Unauthenticated Full Path Dislcosure — Add Admin JavaScriptCWE-200 5.3 Medium2024-07-27
CVE-2024-6591 Ultimate WordPress Auction Plugin <= 4.2.7 - Missing Authorization to Unauthenticated Email Creation — Ultimate WordPress Auction PluginCWE-862 5.8 Medium2024-07-27
CVE-2024-1798 Tutor LMS – Migration Tool <= 2.2.0 - Missing Authorization in tutor_lp_export_xml — Tutor LMS – Migration ToolCWE-862 5.3 Medium2024-07-27
CVE-2024-6547 Add Admin CSS <= 2.0.1 - Unauthenticated Full Path Dislcosure — Add Admin CSSCWE-200 5.3 Medium2024-07-27
CVE-2024-6922 Server-Side Request Forgery in Automation 360 — Automation 360CWE-918 8.2 -2024-07-26
CVE-2024-38287 RHUB TurboMeeting 安全漏洞 — n/a 9.8AICriticalAI2024-07-25
CVE-2024-38289 RHUB TurboMeeting 安全漏洞 — n/a 9.8AICriticalAI2024-07-25
CVE-2024-21684 Atlassian Bitbucket Data Center 安全漏洞 — Bitbucket Data Center 6.1AIMediumAI2024-07-24
CVE-2024-7079 Openshift-console: unauthenticated installation of helm charts CWE-306 6.5 Medium2024-07-24
CVE-2024-6571 Optimize Images ALT Text (alt tag) & names for SEO using AI <= 3.1.1 - Unauthenticated Full Path Disclosure — Image SEO – AI-Driven Image SEO OptimizerCWE-200 5.3 Medium2024-07-24
CVE-2024-6553 WP Meteor Website Speed Optimization Addon <= 3.4.3 - Unauthenticated Full Path Disclosure — WP Meteor Website Speed Optimization AddonCWE-200 5.3 Medium2024-07-24
CVE-2024-3246 LiteSpeed Cache <= 6.2.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — LiteSpeed CacheCWE-352 6.1 Medium2024-07-24
CVE-2024-5861 WP Easy Pay (Free) <= 4.2.3 - Missing Authorization to Unauthenticated Service Disconnection — WP Easy Pay – Payment and Donation form Builder for SquareCWE-862 5.3 Medium2024-07-24
CVE-2024-6755 Social Auto Poster <= 5.3.14 - Missing Authorization to Unauthenticated Arbitrary Post Deletion — Social Auto PosterCWE-862 6.5 Medium2024-07-24
CVE-2024-6751 Social Auto Poster <= 5.3.14 - Cross-Site Request Forgery via Multiple Functions — Social Auto PosterCWE-352 6.3 Medium2024-07-24
CVE-2024-7027 WooCommerce - PDF Vouchers <= 4.9.3 - Authentication Bypass to Voucher Vendor — WooCommerce - PDF VouchersCWE-288 7.3 High2024-07-24
CVE-2024-6753 Social Auto Poster <= 5.3.14 - Unauthenticated Stored Cross-Site Scripting — Social Auto PosterCWE-79 7.2 High2024-07-24
CVE-2024-6750 Social Auto Poster <= 5.3.14 - Missing Authorization via Multiple Functions — Social Auto PosterCWE-862 7.3 High2024-07-24
CVE-2024-38164 GroupMe Elevation of Privilege Vulnerability — GroupMeCWE-284 9.6 Critical2024-07-23
CVE-2024-38176 GroupMe Elevation of Privilege Vulnerability — GroupMeCWE-307 8.1 High2024-07-23
CVE-2024-41668 cBioPortal Proxy Endpoint Vulnerabliity — cbioportalCWE-918 8.3 High2024-07-23
CVE-2024-6420 Hide My WP Ghost < 5.2.02 - Hidden Login Page Disclosure — Hide My WP Ghost 6.1AIMediumAI2024-07-23

Vulnerabilities classified as access:pre-auth represent 18893 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.