Total
5077 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5766 | 1 Code-projects | 1 Simple Laundry System | 2025-06-10 | 4.3 Medium |
| A vulnerability was found in code-projects Laundry System 1.0. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-48009 | 1 Single Content Sync Project | 1 Single Content Sync | 2025-06-10 | 3.1 Low |
| Missing Authorization vulnerability in Drupal Single Content Sync allows Functionality Misuse.This issue affects Single Content Sync: from 0.0.0 before 1.4.12. | ||||
| CVE-2025-47709 | 1 Miniorange | 1 Miniorange 2fa | 2025-06-10 | 6.5 Medium |
| Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful Browsing.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0. | ||||
| CVE-2025-5732 | 1 Carmelogarcia | 1 Traffic Offense Reporting System | 2025-06-10 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-2415 | 1 Vcita | 1 Online Booking \& Scheduling Calendar | 2025-06-10 | 5.4 Medium |
| The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_logout_callback function in versions up to, and including, 4.2.10. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to logout a vctia connected account which would cause a denial of service on the appointment scheduler. | ||||
| CVE-2023-2299 | 1 Vcita | 1 Online Booking \& Scheduling Calendar | 2025-06-10 | 5.3 Medium |
| The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized medication of data via the /wp-json/vcita-wordpress/v1/actions/auth REST-API endpoint in versions up to, and including, 4.2.10 due to a missing capability check on the processAction function. This makes it possible for unauthenticated attackers modify the plugin's settings. | ||||
| CVE-2024-12812 | 1 Wedevs | 1 Wp Erp | 2025-06-10 | 7.5 High |
| The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin before 1.13.4 has an issue where employees can manipulate parameters to access the data of terminated employees. | ||||
| CVE-2024-32948 | 1 Reputeinfosystems | 1 Armember | 2025-06-09 | 9.1 Critical |
| Missing Authorization vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.28. | ||||
| CVE-2024-32776 | 1 Apppresser | 1 Apppresser | 2025-06-09 | 6.5 Medium |
| Missing Authorization vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0. | ||||
| CVE-2024-34372 | 1 Addonmaster | 1 Post Grid Master | 2025-06-09 | 5.3 Medium |
| Missing Authorization vulnerability in AddonMaster Post Grid Master.This issue affects Post Grid Master: from n/a through 3.4.7. | ||||
| CVE-2023-48740 | 1 Easysocialfeed | 1 Easy Social Feed | 2025-06-09 | 4.3 Medium |
| Missing Authorization vulnerability in Easy Social Feed Easy Social Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Feed: from n/a through 6.5.1. | ||||
| CVE-2023-47841 | 1 Analytify | 1 Analytify - Google Analytics Dashboard | 2025-06-09 | 4.3 Medium |
| Missing Authorization vulnerability in Analytify Analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through 5.1.1. | ||||
| CVE-2023-47832 | 1 Searchiq | 1 Searchiq | 2025-06-09 | 5.3 Medium |
| Missing Authorization vulnerability in searchiq SearchIQ allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SearchIQ: from n/a through 4.4. | ||||
| CVE-2023-47770 | 1 Muffingroup | 1 Betheme | 2025-06-09 | 7.6 High |
| Missing Authorization vulnerability in Muffin Group Betheme.This issue affects Betheme: from n/a through 27.1.1. | ||||
| CVE-2023-41953 | 2 Profilepress, Properfraction | 2 Profilepress, Profilepress | 2025-06-09 | 5.3 Medium |
| Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress.This issue affects ProfilePress: from n/a through 4.13.1. | ||||
| CVE-2023-50882 | 2 Profilepress, Properfraction | 2 Profilepress, Profilepress | 2025-06-09 | 5.3 Medium |
| Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfilePress: from n/a through 4.13.2. | ||||
| CVE-2023-49835 | 1 Metaphorcreations | 1 Post Duplicator | 2025-06-09 | 4.3 Medium |
| Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Duplicator: from n/a through 2.31. | ||||
| CVE-2023-48774 | 1 Northernbeacheswebsites | 1 Ideapush | 2025-06-09 | 5.4 Medium |
| Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a. | ||||
| CVE-2025-30897 | 1 Analytify | 1 Analytify - Google Analytics Dashboard | 2025-06-09 | 4.3 Medium |
| Missing Authorization vulnerability in Adnan Analytify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Analytify: from n/a through 5.5.1. | ||||
| CVE-2025-24736 | 1 Metaphorcreations | 1 Post Duplicator | 2025-06-09 | 4.3 Medium |
| Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Duplicator: from n/a through 2.35. | ||||