access:pre-auth — CVE vulnerabilities tagged 18942

18942 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-1095	Build & Control Block Patterns – Boost up Gutenberg Editor <= 1.3.5.4 - Missing Authorization — Build & Control Block Patterns – Boost up Gutenberg EditorCWE-862	5.3	Medium	2024-03-05
CVE-2024-1478	Maintenance Mode <= 3.0.1 - Information Exposure — Maintenance ModeCWE-284	5.3	Medium	2024-03-05
CVE-2024-1782	Blue Triad EZAnalytics <= 1.0 - Reflected Cross-Site Scripting via 'bt_webid' — Blue Triad EZAnalyticsCWE-79	6.1	Medium	2024-03-05
CVE-2024-1178	SportsPress – Sports Club & League Manager <= 2.7.17 - Missing Authorization to Unauthenticated Event Permalink Update — SportsPress – Sports Club & League ManagerCWE-862	5.3	Medium	2024-03-05
CVE-2024-25164	IDURAR ERP/CRM 安全漏洞 — n/a	7.5^AI	High^AI	2024-03-04
CVE-2024-25016	IBM MQ denial of service — MQCWE-20	7.5	High	2024-03-03
CVE-2023-6326	Master Slider - Responsive Touch Slider <= 3.9.10 - Cross-Site Request Forgery via process_bulk_action — Master Slider – Responsive Touch SliderCWE-352	5.4	Medium	2024-03-02
CVE-2024-0378	AI Engine <= 2.2.0 - Unauthenticated Stored Cross-Site Scripting — AI Engine – The Chatbot, AI Framework & MCP for WordPressCWE-79	6.5	Medium	2024-03-02
CVE-2024-1775	Nextend Social Login and Register <= 3.1.12 - Reflected Self-Based Cross-Site Scripting via error_description — Nextend Social Login and RegisterCWE-79	5.4	Medium	2024-03-02
CVE-2024-1592	Complianz – GDPR/CCPA Cookie Consent <= 6.5.6 - Cross-Site Request Forgery to Data Request Deletion — Complianz – GDPR/CCPA Cookie ConsentCWE-352	4.3	Medium	2024-03-02
CVE-2024-22182	Commend WS203VICM Argument Injection — WS203VICMCWE-88	8.6	High	2024-03-01
CVE-2024-27296	Directus version number disclosure — directusCWE-200	5.3	Medium	2024-03-01
CVE-2024-27139	Apache Archiva: incorrect authentication potentially leading to account takeover — Apache ArchivaCWE-863	9.1	-	2024-03-01
CVE-2024-22458	Dell Secure Connect Gateway 加密问题漏洞 — Secure Connect Gateway (SCG) 5.0 Appliance - SRSCWE-327	3.7	Low	2024-03-01
CVE-2024-1120	NextMove Lite – Thank You Page for WooCommerce & Finale Lite – Sales Countdown Timer & Discount for WooCommerce <= 2.17.0 - Missing Authorization to Unauthenticated System Information Disclosure — Finale Lite – Sales Countdown Timer & Discount for WooCommerceCWE-862	5.3	Medium	2024-03-01
CVE-2024-25972	ATSUMI Electric OET-213H-BTS1 安全漏洞 — OET-213H-BTS1	8.1	-	2024-03-01
CVE-2024-0692	SolarWinds Security Event Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability — Security Event Manager CWE-502	8.8	High	2024-03-01
CVE-2024-1981	WordPress Plugin Migration, Backup, Staging 安全漏洞 — Migration, Backup, Staging – WPvivid	9.8	Critical	2024-02-29
CVE-2024-1982	WPvivid Backup and Migration <= 0.9.68 - Missing Authorization — WPvivid — Backup, Migration & StagingCWE-862	6.5	Medium	2024-02-29
CVE-2024-1976	Marketing Optimizer <= 20200925 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Marketing OptimizerCWE-352	4.3	Medium	2024-02-29
CVE-2023-38367	IBM Cloud Pak for Automation authentication bypass — Cloud Pak for Automation	6.5	Medium	2024-02-29
CVE-2024-23910	ELECOM WRC-1167GS2-B 安全漏洞 — WRC-1167GS2-BCWE-352	8.8^AI	High^AI	2024-02-28
CVE-2024-20294	Cisco NX-OS Software和Cisco FXOS Software安全漏洞 — Cisco NX-OS SoftwareCWE-805	6.6	Medium	2024-02-28
CVE-2024-20291	Cisco Nexus 3000 Series Switches 安全漏洞 — Cisco NX-OS SoftwareCWE-284	5.8	Medium	2024-02-28
CVE-2024-20344	Cisco UCS 6400 Series Fabric Interconnects 安全漏洞 — Cisco Unified Computing System (Managed)CWE-400	5.3	Medium	2024-02-28
CVE-2024-20267	Cisco NX-OS Software 安全漏洞 — Cisco NX-OS SoftwareCWE-120	8.6	High	2024-02-28
CVE-2024-20321	Cisco NX-OS Software 安全漏洞 — Cisco NX-OS SoftwareCWE-400	8.6	High	2024-02-28
CVE-2024-1719	Easy PayPal & Stripe Buy Now Button <= 1.8.3 & Contact Form 7 – PayPal & Stripe Add-on <= 2.1 - Cross-Site Request Forgery to Settings Update — Easy PayPal & Stripe Buy Now ButtonCWE-352	4.3	Medium	2024-02-28
CVE-2024-1860	Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan <= 4.51 - Missing Authorization to Unauthenticated IP Address Whitelist — Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker ScanCWE-862	6.5	Medium	2024-02-28
CVE-2024-1476	Under Construction / Maintenance Mode from Acurax <= 2.6 - Information Exposure — Under Construction / Maintenance Mode from AcuraxCWE-284	5.3	Medium	2024-02-28

Vulnerabilities classified as access:pre-auth represent 18942 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

access:pre-auth — CVE vulnerabilities tagged 18942