EUVD-2025-210030

Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5...

CVE-2025-53302

CVE-2025-53302 in WordPress Theme Constructor (<= 1.6.5) is a Missing Authorization / Broken Access Control issue. Publicly disclosed details indicate unauthenticated access to restricted functionality due to ACL constraints, affecting Constructor versions up to 1.6.5. CVSS v3.1 base score is ...

PT-2026-40908

Authorization bypass through User-Controlled key vulnerability in APPYAP Technology and Information Inc. Yaay Social Media App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Yaay Social Media App: from 3.8.0 through 24102025...

CVE-2025-68009

Missing Authorization vulnerability in Codeless Slider Templates slider-templates allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Slider Templates: from n/a through = 1.0.3...

CVE-2025-67913

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...

CVE-2025-60079

CVE-2025-60079 affects the WordPress Parallax Section block plugin (versions up to and including 1.0.9). The root cause is Missing Authorization, allowing functionality to be accessed without proper ACL constraints. Impact is described as access to restricted functionality due to broken authentic...

CVE-2025-66314

Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ElasticNet UME R32: ElasticNetUMER32V16.23.20.04...

CVE-2025-49394

Missing Authorization vulnerability in bPlugins Image Gallery block – Create and display photo gallery/photo album. 3d-image-gallery allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Image Gallery block – Create and display photo gallery/photo album.: from n/a...

CVE-2025-49916

Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through = 4.2.23...

EUVD-2025-27394

Malicious code in bioql PyPI...

CVE-2023-41918

A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs. Attackers may exploit this to unauthenticated execute commands potentially leading to unauthorized data manipulation, access to privileged functions, or even the execution of arbitrary code...

PT-2025-20091 · Dgamoni · Locateandfilter

Name of the Vulnerable Software and Affected Versions: dgamoni LocateAndFilter versions 1.6.16 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 1.6.16 and...

PT-2025-4921 · Wc Wallet · Wc Wallet

Name of the Vulnerable Software and Affected Versions: WC Wallet versions n/a through 2.2.0 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by Access Control Lists ACLs. ACLs are used to define permissions f...

CVE-2025-22737

Missing Authorization vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WpTravelly: from n/a through = 1.8.5...

PT-2024-30490 · Reviewx · Reviewx

Name of the Vulnerable Software and Affected Versions: ReviewX versions 1.6.28 and earlier Description: The issue is related to missing authorization in ReviewX, allowing exploitation of incorrectly configured access control security levels. This enables accessing functionality not properly...

PT-2024-28225 · Mediaron Llc · Custom Query Blocks

Name of the Vulnerable Software and Affected Versions: MediaRon LLC Custom Query Blocks versions 5.2.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 5.2.0...

PT-2023-19122 · Unknown · Js Help Desk

Name of the Vulnerable Software and Affected Versions: JS Help Desk versions 2.7.7 and earlier Description: The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability. This allows accessing functionality not properly constrained by ACLs, which can lead to unauthoriz...