Total
5226 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2025-31841 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 6.3 Medium |
Missing Authorization vulnerability in Frank P. Walentynowicz FPW Category Thumbnails allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FPW Category Thumbnails: from n/a through 1.9.5. | ||||
CVE-2023-46608 | 2 Wordpress, Wpdo | 2 Wordpress, Dologin Security | 2025-07-13 | 5.3 Medium |
Missing Authorization vulnerability in WPDO DoLogin Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through 3.7.1. | ||||
CVE-2024-54269 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
Missing Authorization vulnerability in Ninja Team Notibar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notibar: from n/a through 2.1.4. | ||||
CVE-2025-32201 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
Missing Authorization vulnerability in Xpro Xpro Theme Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Xpro Theme Builder: from n/a through 1.2.8.3. | ||||
CVE-2025-31787 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
Missing Authorization vulnerability in Brady Vercher Cue allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cue: from n/a through 2.4.4. | ||||
CVE-2023-32593 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 5.4 Medium |
Missing Authorization vulnerability in GS Plugins GS Pins for Pinterest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Pins for Pinterest: from n/a through 1.6.7. | ||||
CVE-2024-13686 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vw_storefront_reset_all_settings() function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the themes settings. | ||||
CVE-2024-13811 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
The Lafka - Multi Store Burger - Pizza & Food Delivery WooCommerce Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'lafka_import_lafka' AJAX actions in all versions up to, and including, 4.5.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import demo data that overrides the site. | ||||
CVE-2025-30543 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
Missing Authorization vulnerability in swayam.tejwani Menu Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Menu Duplicator: from n/a through 1.0. | ||||
CVE-2025-31581 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 6.5 Medium |
Missing Authorization vulnerability in Sandeep Kumar WP Video Playlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Video Playlist: from n/a through 1.1.2. | ||||
CVE-2025-49240 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 4.3 Medium |
Missing Authorization vulnerability in nK DocsPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DocsPress: from n/a through 2.5.2. | ||||
CVE-2024-37203 | 2 Laybuy, Wordpress | 2 Laybuy Payment Extension For Woocommerce, Wordpress | 2025-07-13 | 4.3 Medium |
Missing Authorization vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Laybuy Payment Extension for WooCommerce: from n/a through 5.3.9. | ||||
CVE-2025-26958 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 7.5 High |
Missing Authorization vulnerability in NotFound JetBlog allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects JetBlog: from n/a through 2.4.3. | ||||
CVE-2024-54359 | 2 Saul Morales Pacheco, Wordpress | 2 Banner System, Wordpress | 2025-07-13 | 8.2 High |
Missing Authorization vulnerability in Saul Morales Pacheco Banner System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Banner System: from n/a through 1.0.0. | ||||
CVE-2023-46082 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 5.3 Medium |
Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Checker | Finder: from n/a through 2.4.2. | ||||
CVE-2025-23534 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 6.5 Medium |
Missing Authorization vulnerability in Mark Winiarski WPLingo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPLingo: from n/a through 1.1.2. | ||||
CVE-2024-53798 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 5.4 Medium |
Missing Authorization vulnerability in BAKKBONE Australia FloristPress.This issue affects FloristPress: from n/a through 7.3.0. | ||||
CVE-2024-50424 | 2 Templately, Wordpress | 2 Templately, Wordpress | 2025-07-13 | 6.5 Medium |
Missing Authorization vulnerability in Templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from n/a through 3.1.5. | ||||
CVE-2024-53784 | 2 E-goi, Wordpress | 2 Smart Marketing Sms And Newsletters Forms, Wordpress | 2025-07-13 | 4.3 Medium |
Missing Authorization vulnerability in E-goi Smart Marketing SMS and Newsletters Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Marketing SMS and Newsletters Forms: from n/a through 5.0.9. | ||||
CVE-2025-23615 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 6.5 Medium |
Missing Authorization vulnerability in NotFound Interactive Page Hierarchy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Interactive Page Hierarchy: from n/a through 1.0.1. |