Total
6625 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-10489 | 2025-09-22 | N/A | 4.3 MEDIUM | ||
| The SureForms – Drag and Drop Contact Form Builder – Multi-step Forms, Conversational Forms and more plugin for WordPress is vulnerable to unauthorized creation of forms due to a missing capability check on the register_post_types() function in all versions up to, and including, 1.12.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to create forms when the user interface specifically prohibits it. | |||||
| CVE-2025-10305 | 2025-09-22 | N/A | 5.3 MEDIUM | ||
| The Secure Passkeys plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the delete_passkey() and passkeys_list() function in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view and delete passkeys. | |||||
| CVE-2025-57949 | 2025-09-22 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in oggix Ongkoskirim.id allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ongkoskirim.id: from n/a through 1.0.6. | |||||
| CVE-2025-57976 | 2025-09-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in CardCom CardCom Payment Gateway allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CardCom Payment Gateway: from n/a through 3.5.0.4. | |||||
| CVE-2025-57961 | 2025-09-22 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Codexpert, Inc CoDesigner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CoDesigner: from n/a through 4.25.2. | |||||
| CVE-2025-57969 | 2025-09-22 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Jeremy Saxey Hide WP Toolbar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hide WP Toolbar: from n/a through 2.7. | |||||
| CVE-2025-57972 | 2025-09-22 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WPFactory Helpdesk Support Ticket System for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Helpdesk Support Ticket System for WooCommerce: from n/a through 2.0.2. | |||||
| CVE-2025-57921 | 2025-09-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in N-Media Frontend File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Frontend File Manager: from n/a through 23.2. | |||||
| CVE-2025-57917 | 2025-09-22 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through 2.4.3. | |||||
| CVE-2025-57991 | 2025-09-22 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Clariti Clariti allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clariti: from n/a through 1.2.1. | |||||
| CVE-2025-57944 | 2025-09-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Skimlinks Affiliate Marketing Tool: from n/a through 1.3. | |||||
| CVE-2025-57957 | 2025-09-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in wpcraft WooMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooMS: from n/a through 9.12. | |||||
| CVE-2025-57990 | 2025-09-22 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in solwininfotech Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Blog Designer: from n/a through 3.1.8. | |||||
| CVE-2025-57958 | 2025-09-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WPXPO WowAddons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WowAddons: from n/a through 1.0.17. | |||||
| CVE-2025-57936 | 2025-09-22 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Meitar Subresource Integrity (SRI) Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Subresource Integrity (SRI) Manager: from n/a through 0.4.0. | |||||
| CVE-2025-57909 | 2025-09-22 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Rouergue Création Editor Custom Color Palette allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Editor Custom Color Palette: from n/a through 3.4.8. | |||||
| CVE-2025-57987 | 2025-09-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in ThimPress WP Events Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Events Manager: from n/a through 2.2.1. | |||||
| CVE-2025-57985 | 2025-09-22 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in MantraBrain Ultimate Watermark allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Watermark: from n/a through 1.1. | |||||
| CVE-2025-53452 | 2025-09-22 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Barry Event Rocket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Event Rocket: from n/a through 3.3. | |||||
| CVE-2025-57939 | 2025-09-22 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Blocksera Image Hover Effects – Elementor Addon allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Hover Effects – Elementor Addon: from n/a through 1.4.4. | |||||