Total
333268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-67596 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This issue affects Business Directory: from n/a through <= 6.4.19. | |||||
| CVE-2025-67595 | 1 Ays-pro | 1 Quiz Maker | 2026-01-20 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.82. | |||||
| CVE-2025-67594 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Authorization Bypass Through User-Controlled Key vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thim Elementor Kit: from n/a through <= 1.3.3. | |||||
| CVE-2025-67593 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP userswp allows Cross Site Request Forgery.This issue affects UsersWP: from n/a through <= 1.2.48. | |||||
| CVE-2025-67592 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Joe Dolson My Calendar my-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Calendar: from n/a through <= 3.6.16. | |||||
| CVE-2025-67591 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in jegtheme JNews Paywall jnews-paywall allows Cross Site Request Forgery.This issue affects JNews Paywall: from n/a through < 12.0.1. | |||||
| CVE-2025-67590 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate FAQ ultimate-faqs allows Cross Site Request Forgery.This issue affects Ultimate FAQ: from n/a through <= 2.4.3. | |||||
| CVE-2025-67589 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through <= 4.9.1. | |||||
| CVE-2025-67588 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through <= 3.33.0. | |||||
| CVE-2025-67587 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Phishing.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through <= 1.3.5. | |||||
| CVE-2025-67586 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Highlight and Share: from n/a through <= 5.2.0. | |||||
| CVE-2025-67585 | 2026-01-20 | N/A | 4.7 MEDIUM | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in flexmls Flexmls® IDX flexmls-idx allows Phishing.This issue affects Flexmls® IDX: from n/a through <= 3.15.7. | |||||
| CVE-2025-67584 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in rtCamp GoDAM godam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDAM: from n/a through <= 1.4.6. | |||||
| CVE-2025-67583 | 1 Themeatelier | 1 Idonate | 2026-01-20 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in ThemeAtelier IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through <= 2.1.15. | |||||
| CVE-2025-67582 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock-my-bp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wbcom Designs: from n/a through <= 2.1.1. | |||||
| CVE-2025-67581 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.0. | |||||
| CVE-2025-67580 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Constant Contact Constant Contact + WooCommerce constant-contact-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact + WooCommerce: from n/a through <= 2.4.1. | |||||
| CVE-2025-67579 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Extra Fields: from n/a through <= 16.8. | |||||
| CVE-2025-67578 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Email Capture: from n/a through <= 3.12.4. | |||||
| CVE-2025-67577 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form Builder: from n/a through <= 3.8.20. | |||||