219075 matches found
CVE-2026-42651
CVE-2026-42651 affects the WordPress Classified Listing plugin (versions
CVE-2026-42640 WordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...
CVE-2026-42640 WordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...
EUVD-2026-36816
Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...
CVE-2026-42640
WordPress Classified Listing plugin vulnerable to Unauthenticated Broken Access Control in versions <= 5.3.8. Affected software: WordPress Classified Listing plugin (
CVE-2026-40795 WordPress Amelia plugin <= 2.2 - Broken Access Control vulnerability
Subscriber Broken Access Control in Amelia = 2.2 versions...
CVE-2026-40794 WordPress myCred plugin <= 3.0.3 - Broken Access Control vulnerability
Subscriber Broken Access Control in myCred = 3.0.3 versions...
CVE-2026-40795 WordPress Amelia plugin <= 2.2 - Broken Access Control vulnerability
Subscriber Broken Access Control in Amelia = 2.2 versions...
CVE-2026-40795
The CVE-2026-40795 entry documents a Broken Access Control issue in the WordPress Amelia plugin, affecting versions <= 2.2. The vulnerability targets subscriber access rights, with the CVSS 3.1 base score of 6.5 (Medium), indicating potential high impact on integrity (I) and no confidentiality...
CVE-2026-40794
The CVE concerns WordPress plugin myCred ≤ 3.0.3 with a Broken Access Control vulnerability. Affected software: WordPress plugin myCred (versions up to 3.0.3). The provided sources identify the issue but do not disclose the exact root cause, affected functions/files, or concrete impact details be...
CVE-2026-40793 WordPress Groundhogg plugin < 4.4.1 - Broken Access Control vulnerability
Subscriber Broken Access Control in Groundhogg 4.4.1 versions...
CVE-2026-40793
CVE-2026-40793 concerns the WordPress Groundhogg plugin (versions earlier than 4.4.1) with a Broken Access Control vulnerability. The public description identifies the issue as a subscriber-level access control flaw in Groundhogg < 4.4.1. The connected documents corroborate that the vulnerabil...
CVE-2026-40793 WordPress Groundhogg plugin < 4.4.1 - Broken Access Control vulnerability
Subscriber Broken Access Control in Groundhogg 4.4.1 versions...
CVE-2026-40788 WordPress ChatBot plugin <= 7.9.7 - Broken Access Control vulnerability
Subscriber Broken Access Control in ChatBot = 7.9.7 versions...
CVE-2026-40788
CVE-2026-40788 affects WordPress ChatBot plugin versions
CVE-2026-40788 WordPress ChatBot plugin <= 7.9.7 - Broken Access Control vulnerability
Subscriber Broken Access Control in ChatBot = 7.9.7 versions...
CVE-2026-40782 WordPress WPAdverts plugin <= 2.3.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in WPAdverts = 2.3.0 versions...
CVE-2026-40782
CVE-2026-40782 : Unauthenticated Broken Access Control in WordPress WPAdverts plugin (versions
CVE-2026-40776
CVE-2026-40776 affects the WP Event Solution (Eventin) plugin up to version 4.1.8, where unauthenticated requests can trigger Broken Access Control. The root cause involves three permission checks that accept a wp_rest nonce as authentication, plus an IDOR-prone Order endpoint and an open seat-bo...
CVE-2026-40774 WordPress Booking Package plugin <= 1.7.06 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Booking Package = 1.7.06 versions...