90 matches found
CVE-2025-48127
Missing Authorization vulnerability in App Cheap Push notification for Mobile and Web app push-notification-mobile-and-web-app allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Push notification for Mobile and Web app: from n/a through = 2.0.3...
CVE-2025-39493
Missing Authorization vulnerability in ValvePress Rankie valvepress-rankie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rankie: from n/a through 1.8.2...
CVE-2025-47612
Missing Authorization vulnerability in ClickWhale ClickWhale clickwhale allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ClickWhale: from n/a through = 2.4.6...
CVE-2025-47628
CVE-2025-47628 relates to the WordPress plugin QS Dark Mode (versions ≤ 3.0). The available documents describe a Missing Authorization/Broken Access Control vulnerability, allowing exploitation of improperly configured access control levels. No concrete exploit details, affected product/version r...
CVE-2025-39545
Missing Authorization vulnerability in miniOrange WordPress REST API Authentication wp-rest-api-authentication allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress REST API Authentication: from n/a through = 3.6.3...
CVE-2025-31746
Missing Authorization vulnerability in Think201 Clients clients allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clients: from n/a through = 1.1.4...
CVE-2025-32218
Missing Authorization vulnerability in RealMag777 TableOn posts-table-filterable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TableOn: from n/a through = 1.0.5.1...
CVE-2025-31820
Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.4...
CVE-2025-31732
Missing Authorization vulnerability in gb-plugins GB Gallery Slideshow gb-gallery-slideshow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GB Gallery Slideshow: from n/a through = 1.3...
CVE-2025-31846 WordPress Theater for WordPress plugin <= 0.18.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theater for WordPress: from n/a through = 0.18.7...
CVE-2025-2994 Tenda FH1202 Web Management Interface qossetting access control
A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14408. This affects an unknown part of the file /goform/qossetting of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The...
CVE-2025-22739
CVE-2025-22739 affects LearnPress (WordPress LMS Plugin) up to version 4.2.7.5 and is a Missing Authorization vulnerability. The CVSS 3.1 score is 5.3 (Medium). Connected data confirm a patch exists for LearnPress, i.e., the issue has been addressed in a later release. Action: upgrade LearnPress ...
CVE-2025-22280
Missing Authorization vulnerability in revmakx DefendWP Firewall defend-wp-firewall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DefendWP Firewall: from n/a through = 1.1.0...
CVE-2025-22657
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through = 4.0.9...
CVE-2024-56276
Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through = 1.9.2.2...
CVE-2023-46644
Missing Authorization vulnerability in WP CTA PRO WordPress CTA allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress CTA: from n/a through 1.5.8...
CVE-2023-46082
Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder broken-link-finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Checker | Finder: from n/a through = 2.4.2...
CVE-2023-39997
Missing Authorization vulnerability in supsystic.com Popup by Supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through 1.10.19...
CVE-2023-38475
Missing Authorization vulnerability in RedNao Donations Made Easy – Smart Donations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12...
CVE-2023-35046
Missing Authorization vulnerability in Dynamic.ooo Dynamic Visibility for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamic Visibility for Elementor: from n/a through 5.0.5...