PT-2026-33050

Name of the Vulnerable Software and Affected Versions Majestic Support versions prior to 1.1.3 Description Majestic Support contains a flaw where incorrectly configured access control security levels allow for missing authorization. Recommendations Update to a version newer than 1.1.2...

EUVD-2026-11879

Missing Authorization vulnerability in raratheme Pranayama Yoga pranayama-yoga allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pranayama Yoga: from n/a through = 1.2.2...

CVE-2025-64255

Technical details for CVE-2025-64255 are not provided in the supplied documents. No information on affected versions, root cause, exploit scenarios, or fixes. Monitor for updates from official advisories and connected sources.

PT-2025-47776

Missing Authorization vulnerability in theme funda Show Variations as Single Products Woocommerce woo-show-single-variations-shop-category allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Show Variations as Single Products Woocommerce: from n/a through =...

CVE-2025-54705 WordPress WpEvently plugin <= 4.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 4.4.6...

PT-2025-33247 · Hastech · Hastech Ht Mega

Name of the Vulnerable Software and Affected Versions: HasTech HT Mega versions through 2.9.0 Description: A missing authorization flaw exists in HasTech HT Mega, allowing exploitation of incorrectly configured access control security levels. Recommendations: Update HasTech HT Mega to a version...

CVE-2024-37218

Missing Authorization vulnerability in WordPress Page Builder Sandwich Team Page Builder Sandwich – Front-End Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page Builder Sandwich – Front-End Page Builder: from n/a through 5.1.0...

CVE-2023-47647

Missing Authorization vulnerability in LearningTimes BadgeOS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BadgeOS: from n/a through 3.7.1.6...

CVE-2023-47188

Missing Authorization vulnerability in PressTigers Simple Job Board simple-job-board allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Job Board: from n/a through = 2.10.5...

CVE-2025-32296

Missing Authorization vulnerability in quantumcloud Simple Link Directory qc-simple-link-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Link Directory: from n/a through 14.8.1...

CVE-2025-46519

Missing Authorization vulnerability in M.Code Media Library Downloader media-library-downloader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library Downloader: from n/a through = 1.3.1...

CVE-2025-31530

Missing Authorization vulnerability in Smackcoders Inc., Google SEO Pressor Snippet google-seo-author-snippets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google SEO Pressor Snippet: from n/a through = 2.0...

CVE-2025-30864

Technical details for CVE-2025-30864 are not publicly provided in the supplied documents. The entry notes a Missing Authorization issue in the Exchange Rates plugin (affected versions up to 1.2.2), but there are no specifics, exploit data, or remediation details in the sources.

CVE-2025-23615

Missing Authorization vulnerability in gtekelis Interactive Page Hierarchy interactive-page-hierarchy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Interactive Page Hierarchy: from n/a through = 1.0.1...

CVE-2024-29836

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control, allowing for an unauthenticated attacker to update and add user profiles within the application, and gain full access of the site...

CVE-2024-29841

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOPEDITUSERGETKEYSFIELDS, allowing for an unauthenticated attacker to return the keys value of any user...

CVE-2025-24643 WordPress WPGuppy plugin <= 1.1.0 - Broken Authentication vulnerability

Missing Authorization vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPGuppy: from n/a through = 1.1.0...

CVE-2025-24596 WordPress WooCommerce Product Table Lite plugin <= 3.8.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in WC Product Table WooCommerce Product Table Lite wc-product-table-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Product Table Lite: from n/a through = 3.8.7...

CVE-2025-24596

CVE-2025-24596 : WordPress WooCommerce Product Table Lite (WC Product Table Lite) has a Missing Authorization vulnerability affecting versions up to 3.8.7, described as Broken Access Control. The issue is publicly discussed in multiple sources (WordPress plugin vulnerability reports and Patchstac...

CVE-2024-56294

Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through = 4.0.7...