| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|
| 4 | 5 | 0 | 22.3% | HIGH |
| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published | |
|---|
| CVE-2024-43962 | Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4. | HIGH | 8.8 | — | 35.6% | Nov 1, 2024 | |
| CVE-2023-27453 | Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.3.1 versions. | HIGH | 8.8 | — | 22.0% | Nov 22, 2023 | |
| CVE-2023-34025 | Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Hide Login plugin <= 2.1.6 versions. | HIGH | 8.8 | — | 22.0% | Nov 9, 2023 | |
| CVE-2023-35774 | Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.4.1 versions. | HIGH | 8.8 | — | 16.0% | Jul 11, 2023 | |
| CVE-2023-35781 | Cross-Site Request Forgery (CSRF) vulnerability in LWS Cleaner plugin <= 2.3.0 versions. | HIGH | 8.8 | — | 16.0% | Jul 11, 2023 | |