Total
6607 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-69185 | 2026-01-27 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through <= 1.4.2. | |||||
| CVE-2026-24544 | 2026-01-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Harmonic Design HD Quiz hd-quiz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HD Quiz: from n/a through <= 2.0.9. | |||||
| CVE-2026-24543 | 2026-01-27 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Horea Radu Materialis Companion materialis-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Materialis Companion: from n/a through <= 1.3.52. | |||||
| CVE-2026-24541 | 2026-01-27 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in mkscripts Download After Email download-after-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download After Email: from n/a through <= 2.1.9. | |||||
| CVE-2026-24540 | 2026-01-27 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Prince Integrate Google Drive integrate-google-drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through <= 1.5.5. | |||||
| CVE-2025-69181 | 2026-01-27 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Directory: from n/a through <= 1.3.4. | |||||
| CVE-2025-69095 | 2026-01-27 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in designthemes Reservation Plugin dt-reservation-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reservation Plugin: from n/a through <= 1.7. | |||||
| CVE-2025-69052 | 2026-01-27 | N/A | 9.8 CRITICAL | ||
| Missing Authorization vulnerability in FmeAddons Registration & Login with Mobile Phone Number for WooCommerce registration-login-with-mobile-phone-number allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Registration & Login with Mobile Phone Number for WooCommerce: from n/a through <= 1.3.1. | |||||
| CVE-2025-66140 | 2026-01-27 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in merkulove Uper for Elementor uper-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uper for Elementor: from n/a through <= 1.0.5. | |||||
| CVE-2026-23683 | 2026-01-27 | N/A | 4.3 MEDIUM | ||
| SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted. | |||||
| CVE-2025-14971 | 2026-01-27 | N/A | 5.3 MEDIUM | ||
| The Link Invoice Payment for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createPartialPayment and cancelPartialPayment functions in all versions up to, and including, 2.8.0. This makes it possible for unauthenticated attackers to create partial payments on any order or cancel any existing partial payment via ID enumeration. | |||||
| CVE-2026-24534 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booter: from n/a through <= 1.5.7. | |||||
| CVE-2026-24532 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in SiteLock SiteLock Security sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security: from n/a through <= 5.0.2. | |||||
| CVE-2026-24524 | 2026-01-26 | N/A | 8.1 HIGH | ||
| Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.2. | |||||
| CVE-2025-66138 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in merkulove Motionger for Elementor motionger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Motionger for Elementor: from n/a through <= 2.0.4. | |||||
| CVE-2025-66137 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Searcher for Elementor: from n/a through <= 1.0.3. | |||||
| CVE-2025-66136 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in merkulove Carter for Elementor carter-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carter for Elementor: from n/a through <= 1.0.2. | |||||
| CVE-2025-66135 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in merkulove Imager for Elementor imager-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Imager for Elementor: from n/a through <= 2.0.4. | |||||
| CVE-2025-63018 | 2026-01-26 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in wproyal Bard bard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bard: from n/a through <= 2.229. | |||||
| CVE-2025-62754 | 2026-01-26 | N/A | 9.1 CRITICAL | ||
| Missing Authorization vulnerability in Kapil Paul Payment Gateway bKash for WC woo-payment-bkash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway bKash for WC: from n/a through <= 3.1.0. | |||||