150 matches found
EUVD-2024-17229
Malicious code in bioql PyPI...
EUVD-2024-44564
Malicious code in bioql PyPI...
EUVD-2025-10474
Malicious code in bioql PyPI...
EUVD-2025-24779
Malicious code in bioql PyPI...
PT-2025-39553
Name of the Vulnerable Software and Affected Versions Roxnor EmailKit versions through 1.6.0 Description An authorization issue exists in Roxnor EmailKit, stemming from incorrectly configured access control security levels. This allows for potential exploitation of the system. Recommendations...
CVE-2025-58672
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through = 4.1.12...
CVE-2025-59559 WordPress Payrexx Payment Gateway for WooCommerce Plugin <= 3.1.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in payrexx Payrexx Payment Gateway for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Payrexx Payment Gateway for WooCommerce: from n/a through 3.1.5...
CVE-2025-57961 WordPress CoDesigner plugin <= 4.29 - Broken Access Control vulnerability
Missing Authorization vulnerability in Codexpert, Inc CoDesigner woolementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoDesigner: from n/a through = 4.29...
CVE-2025-58663 WordPress Qubely Plugin <= 1.8.14 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Themeum Qubely qubely allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Qubely: from n/a through = 1.8.14...
CVE-2025-58192 WordPress WP Bulk Delete Plugin <= 1.3.6 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Xylus Themes WP Bulk Delete wp-bulk-delete allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bulk Delete: from n/a through = 1.3.6...
CVE-2025-57896 WordPress Church Admin Plugin <= 5.0.26 - Broken Access Control Vulnerability
Missing Authorization vulnerability in andymoyle Church Admin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Church Admin: from n/a through 5.0.26...
CVE-2025-49432 WordPress Ultimate Video Player Plugin <= 10.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in FWDesign Ultimate Video Player fwduvp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Video Player: from n/a through = 10.1...
CVE-2025-49432 WordPress Ultimate Video Player Plugin <= 10.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in FWDesign Ultimate Video Player fwduvp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Video Player: from n/a through = 10.1...
CVE-2025-53343 WordPress Modernize Theme <= 3.4.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in GoodLayers Modernize modernize allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modernize: from n/a through = 3.4.0...
CVE-2025-53343 WordPress Modernize Theme <= 3.4.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in GoodLayers Modernize allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Modernize: from n/a through 3.4.0...
CVE-2025-54695 WordPress HT Mega Plugin plugin <= 2.9.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in DevItems HT Mega ht-mega-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HT Mega: from n/a through = 2.9.0...
CVE-2025-30639 WordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control Vulnerability
Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonatePro: from n/a through = 2.1.9...
CVE-2025-52775
CVE-2025-52775 concerns the WordPress plugin Project Cost Calculator (versions ≤ 1.0.0). The issue is a missing/ broken authorization flaw caused by incorrectly configured access control security levels, enabling unauthorized access to cost calculator data. CVSS v3.1 metrics: AV:N, AC:L, PR:L, UI...
UBUNTU-CVE-2025-8770
An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers...
CVE-2025-42960
SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact data integrity by allowing deletion of user table entries.�It has no impact on the confidentialit...