Lucene search
K

11573 matches found

CVE
CVE
added yesterday15 views

CVE-2026-57797

CVE-2026-57797 describes a Missing Authorization (Broken Access Control) vulnerability in the WordPress EduMall theme (ThemeMove EduMall) up to version 4.5.1. The NVD/CVE records and Patchstack entry indicate that access control levels were incorrectly configured, allowing unauthorized access to ...

4.3CVSS6.1AI score0.00329EPSS
Exploits0References1
CVE
CVE
added yesterday17 views

CVE-2026-57779

The CVE covers a Missing Authorization (Broken Access Control) issue in the WordPress Fascinate theme, versions up to and including 1.1.5. The public description states exploitation arises from Incorrectly Configured Access Control Security Levels, affecting Fascinate via the theme and is categor...

5.3CVSS6.1AI score0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday9 views

CVE-2026-57776 WordPress VW Wedding theme <= 1.3.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in vowelweb VW Wedding vw-wedding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Wedding: from n/a through = 1.3.7...

5.3CVSS0.00415EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-57797 WordPress EduMall theme <= 4.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeMove EduMall edumall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EduMall: from n/a through = 4.5.1...

4.3CVSS0.00329EPSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-61985

CVE-2026-61985 affects the WordPress Car Rental Manager plugin (

5.3CVSS6.1AI score0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-59523 WordPress Simply Schedule Appointments plugin <= 1.6.11.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.11.11...

6.5CVSS0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57778 WordPress Booking calendar, Appointment Booking System plugin <= 3.2.36 - Broken Access Control vulnerability

Missing Authorization vulnerability in wpdevart Booking calendar, Appointment Booking System booking-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through = 3.2.36...

5.3CVSS0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57781 WordPress MeetingHub plugin <= 1.25.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sovlix MeetingHub meetinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MeetingHub: from n/a through = 1.25.10...

5.3CVSS0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-61983 WordPress Church Admin plugin <= 5.0.30 - Broken Access Control vulnerability

Missing Authorization vulnerability in andymoyle Church Admin church-admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Church Admin: from n/a through = 5.0.30...

5.3CVSS0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-57779 WordPress Fascinate theme <= 1.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in themebeez Fascinate fascinate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fascinate: from n/a through = 1.1.5...

5.3CVSS0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57782 WordPress Universal Clocks plugin <= 1.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in PressTigers Universal Clocks universal-clocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Universal Clocks: from n/a through = 1.2.0...

5.3CVSS0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-61968 WordPress myCred plugin <= 3.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through = 3.1.2...

5.4CVSS0.00287EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-57812 WordPress Simply Schedule Appointments plugin <= 1.6.12.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.12.4...

6.5CVSS0.00332EPSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-57776

CVE-2026-57776 affects the WordPress VW Wedding theme (vw-wedding) up to version 1.3.7. The issue is described as a Missing Authorization / Broken Access Control vulnerability resulting from incorrectly configured access control levels, allowing exploitation under the described scenario (per CVE ...

5.3CVSS6.1AI score0.00415EPSS
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-61968

CVE-2026-61968 affects the WordPress myCred plugin up to version 3.1.2. The root cause is a Missing Authorization/Broken Access Control due to incorrectly configured access control security levels, allowing unintended access. The CVE indicates a MEDIUM-severity issue (CVSS 3.1: 5.4) with network ...

5.4CVSS6.1AI score0.00287EPSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-57778

CVE-2026-57778 affects the WordPress plugin Booking calendar, Appointment Booking System, specifically versions up to and including 3.2.36. The issue is described as Missing Authorization / Broken Access Control, arising from incorrectly configured access control security levels in the booking-ca...

5.3CVSS6.1AI score0.00285EPSS
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-59523

CVE-2026-59523 affects the WordPress plugin Simply Schedule Appointments (

6.5CVSS6.1AI score0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-57400 WordPress Event Tickets Manager for WooCommerce plugin <= 1.5.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Swings Event Tickets Manager for WooCommerce event-tickets-manager-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Tickets Manager for WooCommerce: from n/a through = 1.5.5...

6.5CVSS0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday9 views

CVE-2026-57418 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.13...

6.5CVSS0.0034EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-57424 WordPress Razorpay Payment Links for WooCommerce plugin <= 2.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in knitpay Razorpay Payment Links for WooCommerce rzp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay Payment Links for WooCommerce: from n/a through = 2.1.4...

6.5CVSS0.00332EPSS
Exploits0References1
Rows per page
Query Builder