Total
6625 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-60106 | 2025-09-26 | N/A | 4.9 MEDIUM | ||
| Missing Authorization vulnerability in Roxnor EmailKit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EmailKit: from n/a through 1.6.0. | |||||
| CVE-2025-60098 | 2025-09-26 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Jeff Farthing Theme My Login allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Theme My Login: from n/a through 7.1.12. | |||||
| CVE-2025-58919 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in guihom Wide Banner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wide Banner: from n/a through 1.0.4. | |||||
| CVE-2025-60127 | 2025-09-26 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in ArtistScope CopySafe Web Protection allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CopySafe Web Protection: from n/a through 4.3. | |||||
| CVE-2025-60128 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Delicious Delisho allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Delisho: from n/a through 1.1.3. | |||||
| CVE-2025-48326 | 2025-09-26 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Acclectic Media Acclectic Media Organizer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acclectic Media Organizer: from n/a through 1.4. | |||||
| CVE-2025-60103 | 2025-09-26 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in CridioStudio ListingPro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ListingPro: from n/a through 2.9.8. | |||||
| CVE-2025-10173 | 2025-09-26 | N/A | 2.7 LOW | ||
| The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized access due to an incorrect capability check on the post_save() function in all versions up to, and including, 4.8.3. This makes it possible for authenticated attackers, with Editor-level access and above, to update the plugin's settings. | |||||
| CVE-2025-60121 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Ex-Themes WooEvents allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooEvents: from n/a through 4.1.7. | |||||
| CVE-2025-60130 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in wedos.com WEDOS Global allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEDOS Global: from n/a through 1.2.2. | |||||
| CVE-2025-60120 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in wpdirectorykit WP Directory Kit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Directory Kit: from n/a through 1.3.8. | |||||
| CVE-2025-60165 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in HaruTheme Frames allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Frames: from n/a through 1.5.7. | |||||
| CVE-2025-60096 | 2025-09-26 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in CodexThemes TheGem (Elementor) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TheGem (Elementor): from n/a through 5.10.5. | |||||
| CVE-2025-9984 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the fifu_api_debug_posts() function in all versions up to, and including, 5.2.7. This makes it possible for unauthenticated attackers to read private/password protected posts. | |||||
| CVE-2025-60094 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Benjamin Intal Stackable allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Stackable: from n/a through 3.18.1. | |||||
| CVE-2025-60155 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in loopus WP Virtual Assistant allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Virtual Assistant: from n/a through 3.0. | |||||
| CVE-2025-59011 | 2025-09-26 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in shinetheme Traveler allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Traveler: from n/a through n/a. | |||||
| CVE-2025-60123 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in HivePress HivePress Claim Listings allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HivePress Claim Listings: from n/a through 1.1.3. | |||||
| CVE-2025-60129 | 2025-09-26 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Yext Yext allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Yext: from n/a through 1.1.3. | |||||
| CVE-2025-60148 | 2025-09-26 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in wpshuffle Subscribe to Download allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Subscribe to Download: from n/a through 2.0.9. | |||||