219072 matches found
EUVD-2026-36974
Unauthenticated Broken Access Control in Tutor LMS = 3.9.7 versions...
EUVD-2026-36973
Unauthenticated Broken Access Control in Redsys for WooCommerce Light = 7.0.0 versions...
EUVD-2026-36962
Unauthenticated Broken Access Control in AWP Classifieds = 4.4.4 versions...
EUVD-2026-36967
Subscriber Broken Access Control in RepairBuddy = 4.1132 versions...
EUVD-2026-36963
Unauthenticated Broken Access Control in WP Directory Kit = 1.5.0 versions...
EUVD-2026-36970
Subscriber Broken Access Control in Ultra Addons for WPForms = 1.0.11 versions...
EUVD-2026-36948
Unauthenticated Broken Access Control in Easy Digital Downloads = 3.6.5 versions...
EUVD-2026-36954
Subscriber Broken Access Control in Motors 1.4.107 versions...
EUVD-2026-36952
Unauthenticated Broken Access Control in Easy Appointments = 3.12.21 versions...
EUVD-2026-36957
Unauthenticated Broken Access Control in Masteriyo - LMS = 2.1.5 versions...
EUVD-2026-36912
Unauthenticated Broken Access Control in Essential Addons for Elementor 6.6.0 versions...
EUVD-2025-210163
Subscriber Broken Access Control in Bookify = 1.1.1 versions...
EUVD-2025-210159
Subscriber Broken Access Control in bunny.net = 2.3.6 versions...
EUVD-2026-36919
Subscriber Broken Access Control in Rank Math SEO = 1.0.271 versions...
EUVD-2026-36917
Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...
EUVD-2026-36920
Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce = 1.5.3 versions...
EUVD-2026-36789
Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request...
EUVD-2026-36790
Incorrect access control in the "Let's Encrypt" certificate download endpoint of Nginx Proxy Manager v2.14.0 allows authenticated attackers to obtain the TLS private key material via a crafted GET request...
EUVD-2026-36783
Incorrect access control in the share-based read endpoints of Sismics Docs Teedy v1.11 allow unauthorized attackers to access sensitive endpoints via a crafted request...
EUVD-2026-36784
Incorrect access control in the webhook management component of Project Firefly III v6.5.9 allows attackers to scan internal resources via a crafted POST request...