Total
333370 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-67588 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through <= 3.33.0. | |||||
| CVE-2025-67587 | 2026-01-20 | N/A | 4.3 MEDIUM | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Phishing.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through <= 1.3.5. | |||||
| CVE-2025-67586 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Highlight and Share: from n/a through <= 5.2.0. | |||||
| CVE-2025-67585 | 2026-01-20 | N/A | 4.7 MEDIUM | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in flexmls Flexmls® IDX flexmls-idx allows Phishing.This issue affects Flexmls® IDX: from n/a through <= 3.15.7. | |||||
| CVE-2025-67584 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in rtCamp GoDAM godam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDAM: from n/a through <= 1.4.6. | |||||
| CVE-2025-67583 | 1 Themeatelier | 1 Idonate | 2026-01-20 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in ThemeAtelier IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through <= 2.1.15. | |||||
| CVE-2025-67582 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock-my-bp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wbcom Designs: from n/a through <= 2.1.1. | |||||
| CVE-2025-67581 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.0. | |||||
| CVE-2025-67580 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Constant Contact Constant Contact + WooCommerce constant-contact-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact + WooCommerce: from n/a through <= 2.4.1. | |||||
| CVE-2025-67579 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Extra Fields: from n/a through <= 16.8. | |||||
| CVE-2025-67578 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Rhys Wynne WP Email Capture wp-email-capture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Email Capture: from n/a through <= 3.12.4. | |||||
| CVE-2025-67577 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form Builder: from n/a through <= 3.8.20. | |||||
| CVE-2025-67576 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in QuantumCloud Simple Link Directory simple-link-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Link Directory: from n/a through <= 8.8.3. | |||||
| CVE-2025-39848 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-20 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25_kiss_rcv() Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d ("net: introduce per netns packet chains"). skb->dev becomes NULL and we crash in __netif_receive_skb_core(). Before above commit, different kind of bugs or corruptions could happen without a major crash. But the root cause is that ax25_kiss_rcv() can queue/mangle input skb without checking if this skb is shared or not. Many thanks to Bernard Pidoux for his help, diagnosis and tests. We had a similar issue years ago fixed with commit 7aaed57c5c28 ("phonet: properly unshare skbs in phonet_rcv()"). | |||||
| CVE-2025-67575 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Andrew Lima Sitewide Notice WP sitewide-notice-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sitewide Notice WP: from n/a through <= 2.4.1. | |||||
| CVE-2025-67574 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in wpdevart Booking calendar, Appointment Booking System booking-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through <= 3.2.30. | |||||
| CVE-2025-67573 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in ThimPress Sailing sailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sailing: from n/a through < 4.4.6. | |||||
| CVE-2025-67572 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through < 6.7.4. | |||||
| CVE-2025-67571 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WPFunnels WPFunnels wpfunnels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPFunnels: from n/a through <= 3.6.2. | |||||
| CVE-2025-67570 | 2026-01-20 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in GSheetConnector by WesternDeal WPForms Google Sheet Connector gsheetconnector-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPForms Google Sheet Connector: from n/a through <= 4.0.0. | |||||