Total
5092 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-5570 | 1 Zitscher | 1 Simple Photoswipe | 2025-05-19 | 6.5 Medium |
The Simple Photoswipe WordPress plugin through 0.1 does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them | ||||
CVE-2025-48079 | 2025-05-19 | 4.3 Medium | ||
Missing Authorization vulnerability in Metagauss ProfileGrid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ProfileGrid : from n/a through 5.9.5.1. | ||||
CVE-2025-31063 | 2025-05-19 | 4.3 Medium | ||
Missing Authorization vulnerability in redqteam Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist: from n/a through 2.1.0. | ||||
CVE-2025-32296 | 2025-05-19 | 5.3 Medium | ||
Missing Authorization vulnerability in quantumcloud Simple Link Directory Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Link Directory Pro: from n/a through 14.7.3. | ||||
CVE-2025-39511 | 2025-05-19 | 4.3 Medium | ||
Missing Authorization vulnerability in ValvePress Pinterest Automatic Pin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Pinterest Automatic Pin: from n/a through 4.18.2. | ||||
CVE-2025-47556 | 2025-05-19 | 5.4 Medium | ||
Missing Authorization vulnerability in QuanticaLabs CSS3 Compare Pricing Tables for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CSS3 Compare Pricing Tables for WordPress: from n/a through 11.5. | ||||
CVE-2025-31066 | 2025-05-19 | 5.3 Medium | ||
Missing Authorization vulnerability in themeton Acerola allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Acerola: from n/a through 1.6.5. | ||||
CVE-2025-32295 | 2025-05-19 | 4.3 Medium | ||
Missing Authorization vulnerability in wordpresschef Salon Booking Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Salon Booking Pro: from n/a through 10.10.2. | ||||
CVE-2025-47564 | 2025-05-19 | 5.3 Medium | ||
Missing Authorization vulnerability in ashanjay EventON allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects EventON: from n/a through 4.9.9. | ||||
CVE-2025-47563 | 2025-05-19 | 5.3 Medium | ||
Missing Authorization vulnerability in villatheme CURCY allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CURCY: from n/a through 2.3.7. | ||||
CVE-2025-31065 | 2025-05-19 | 5.3 Medium | ||
Missing Authorization vulnerability in themeton Rozario allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rozario: from n/a through 1.4. | ||||
CVE-2025-31630 | 2025-05-19 | 5.3 Medium | ||
Missing Authorization vulnerability in themeton The Business allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Business: from n/a through 1.6.1. | ||||
CVE-2025-31923 | 2025-05-19 | 5.4 Medium | ||
Missing Authorization vulnerability in QuanticaLabs CSS3 Accordions for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CSS3 Accordions for WordPress: from n/a through 3.0. | ||||
CVE-2025-47534 | 2025-05-19 | 4.3 Medium | ||
Missing Authorization vulnerability in ValvePress Wordpress Auto Spinner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wordpress Auto Spinner: from n/a through 3.25.0. | ||||
CVE-2025-31071 | 2025-05-19 | 5.3 Medium | ||
Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4. | ||||
CVE-2025-32180 | 2025-05-19 | 4.3 Medium | ||
Missing Authorization vulnerability in QuanticaLabs CSS3 Tooltips for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CSS3 Tooltips for WordPress: from n/a through 1.8. | ||||
CVE-2025-48117 | 2025-05-19 | 5.3 Medium | ||
Missing Authorization vulnerability in kilbot WooCommerce POS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce POS: from n/a through 1.7.8. | ||||
CVE-2025-48116 | 2025-05-19 | 5.3 Medium | ||
Missing Authorization vulnerability in Ashan Perera EventON allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects EventON: from n/a through 2.4.4. | ||||
CVE-2025-48127 | 2025-05-19 | 6.5 Medium | ||
Missing Authorization vulnerability in App Cheap Push notification for Mobile and Web app allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Push notification for Mobile and Web app: from n/a through 2.0.3. | ||||
CVE-2025-4477 | 2025-05-19 | 7.2 High | ||
The ThreatSonar Anti-Ransomware from TeamT5 has a Privilege Escalation vulnerability, allowing remote attackers with intermediate privileges to escalate their privileges to highest administrator level through a specific API. |