Total
6630 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-2266 | 2025-04-01 | N/A | 9.8 CRITICAL | ||
| The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions() function in versions 8.6.5 to 8.7.5. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | |||||
| CVE-2025-31546 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Swiss Toolkit For WP: from n/a through 1.3.0. | |||||
| CVE-2025-31596 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Chatwee Chat by Chatwee allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Chat by Chatwee: from n/a through 2.1.3. | |||||
| CVE-2025-31376 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Mayeenul Islam NanoSupport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NanoSupport: from n/a through 0.6.0. | |||||
| CVE-2025-31584 | 2025-04-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1. | |||||
| CVE-2025-31530 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in smackcoders Google SEO Pressor Snippet allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Google SEO Pressor Snippet: from n/a through 2.0. | |||||
| CVE-2025-31386 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Simplepress Simple:Press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple:Press: from n/a through 6.10.11. | |||||
| CVE-2025-31544 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Swiss Toolkit For WP: from n/a through 1.3.0. | |||||
| CVE-2025-30855 | 2025-04-01 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ads by WPQuads: from n/a through 2.0.87.1. | |||||
| CVE-2025-31533 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Salesmate Add-On for Gravity Forms: from n/a through 2.0.3. | |||||
| CVE-2025-31529 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Rashid Slider Path for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Slider Path for Elementor: from n/a through 3.0.0. | |||||
| CVE-2025-31782 | 2025-04-01 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in pupunzi mb.YTPlayer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects mb.YTPlayer: from n/a through 3.3.8. | |||||
| CVE-2025-30797 | 2025-04-01 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool – Fix peralinks, accents, auto create menus and more allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Greek Multi Tool – Fix peralinks, accents, auto create menus and more: from n/a through 2.3.1. | |||||
| CVE-2025-31732 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in gb-plugins GB Gallery Slideshow allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GB Gallery Slideshow: from n/a through 1.3. | |||||
| CVE-2025-31765 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in themeqx GDPR Cookie Notice allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR Cookie Notice: from n/a through 1.2.0. | |||||
| CVE-2025-31773 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in cedcommerce Ship Per Product allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Ship Per Product: from n/a through 2.1.0. | |||||
| CVE-2025-31786 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Travis Simple Icons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Icons: from n/a through 2.8.4. | |||||
| CVE-2025-30926 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in KingAddons.com King Addons for Elementor. This issue affects King Addons for Elementor: from n/a through 24.12.58. | |||||
| CVE-2025-31777 | 2025-04-01 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in BeastThemes Clockinator Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clockinator Lite: from n/a through 1.0.7. | |||||
| CVE-2025-31752 | 2025-04-01 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in termel Bulk Fields Editor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bulk Fields Editor: from n/a through 1.8.0. | |||||