CVE-2026-32515

CVE-2026-32515 is documented in Wordfence Intelligence as a Missing Authorization vulnerability affecting Miraculous: Multi Vendor Online Music Store Elementor WordPress Theme, versioned < 2.1.2. The Wordfence weekly report also lists related Miraculous entries (e.g., Miraculous Core

CVE-2026-32515

Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through 2.1.2...

CVE-2024-32515

Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8...

CVE-2023-32515

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Matt Gibbs Custom Field Suite plugin = 2.6.2.1 versions...

CVE-2025-32515

CVE-2025-32515 is a Reflected XSS in Terminal Africa up to version 1.13.17. The vulnerability is caused by improper neutralization of input during web page generation, yielding a Cross-Site Scripting condition. The CVSS score is 7.1 (HIGH) with attack vector Network, complexity Low, privileges re...

CVE-2025-32515 WordPress Terminal Africa plugin <= 1.13.24 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in terminalafrica Terminal Africa terminal-africa allows Reflected XSS.This issue affects Terminal Africa: from n/a through = 1.13.24...

CVE-2025-32515 WordPress Terminal Africa plugin <= 1.13.24 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in terminalafrica Terminal Africa terminal-africa allows Reflected XSS.This issue affects Terminal Africa: from n/a through = 1.13.24...

WordPress Terminal Africa plugin <= 1.13.23 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by thiennv in WordPress Plugin Terminal Africa versions = 1.13.23...

CVE-2024-32515

Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8...

CVE-2024-32515 WordPress Mega Addons For Elementor plugin <= 1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8...

WordPress Mega Addons For Elementor Plugin <= 1.8 is vulnerable to Broken Access Control

Software Mega Addons For Elementor Type Plugin Vulnerable versions = 1.8 Fixed in 1.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32515 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID dde18d2c2470 Credits Friday Required privile...

CVE-2023-32515

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Matt Gibbs Custom Field Suite plugin = 2.6.2.1 versions...

CVE-2023-32515

CVE-2023-32515 affects WordPress Custom Field Suite plugin, vulnerable in versions

WordPress Custom Field Suite Plugin <= 2.6.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Custom Field Suite Type Plugin Vulnerable versions = 2.6.2.1 Fixed in 2.6.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32515 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7c463fb33b0b Credits Taihei Shimamine...

CVE-2022-32515

creationtimestamp| type| source ---|---|--- 2023-01-31 02:42:59+00:00| seen| https://t.me/cibsecurity/57190...

CVE-2022-32515

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause brute force attacks to take over the admin account when the product does not implement a rate limit mechanism on the admin authentication form. Affected Products: Conext™ ComBox All Versions...

CVE-2022-32515

Conext ComBox is affected by CWE-307 due to insufficient restriction of excessive authentication attempts on the admin login form. The vulnerability exists in all versions and could enable brute-force takeover of the admin account when rate limiting is not implemented. The connected sources confi...

CVE-2021-32515

Directory listing vulnerability in sharelink in QSAN Storage Manager allows attackers to list arbitrary directories and further access credential information. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3...

CVE-2021-32515

QSAN Storage Manager (QSAN NAS OS by Quantium Technologies) contains a directory traversal flaw in the share_link component that lets an attacker list arbitrary directories and access credential information. Affected versions are 3.3.1 and earlier; remediation is upgrading to v3.3.3 (the fixed re...