CVE-2023-32959 WordPress MetroStore theme <= 1.3.2 - Broken Access Control

Missing Authorization vulnerability in Sparkle WP MetroStore metrostore allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MetroStore: from n/a through 1.3.2...

PT-2026-44026

Missing Authorization vulnerability in Prasad Kirpekar WP Meta and Date Remover allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Meta and Date Remover: from n/a through 2.3.6...

WordPress plugin WP Meta and Date Remover 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-39509

Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through = 8.5.10...

CVE-2026-39605 WordPress Super Custom Login plugin <= 1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...

CVE-2026-25034

Missing Authorization vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KiviCare: from n/a through = 3.6.16...

CVE-2026-32374

Missing Authorization vulnerability in raratheme The Minimal the-minimal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Minimal: from n/a through = 1.2.9...

PT-2026-20726

Missing Authorization vulnerability in sparklewpthemes Hello FSE hello-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE: from n/a through = 1.0.6...

CVE-2026-24996

CVE-2026-24996 refers to a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin WPElemento Importer (versions up to and including 0.6.4). Multiple connected sources confirm the affected software and the root cause as an incorrectly configured access control, enablin...

Linux Distros Unpatched Vulnerability : CVE-2026-22022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's Rule Based Authorization Plugin are vulnerable to allowing unauthorized access to certain So...

CVE-2025-68547

Missing Authorization vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Follow My Blog Post: from n/a through = 2.4.0...

CVE-2025-62081

CVE-2025-62081 – Missing Authorization in Live Shopping & Shoppable Videos For WooCommerce. Exploiting Incorrectly Configured Access Control Security Levels may allow unauthorized access to features. Affected software: Live Shopping & Shoppable Videos For WooCommerce (up to 2.2.0). Patch status: ...

EUVD-2025-205654

Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through 2.4.7...

CVE-2025-68592

Missing Authorization vulnerability in Liton Arefin WP Adminify adminify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Adminify: from n/a through = 4.0.6.1...

Arduino IDE 安全漏洞

Arduino IDE is an Arduino open source development tool. A security vulnerability exists in Arduino IDE versions prior to 2.3.7 that stems from improperly configured file permissions, which could lead to elevated privileges and access to sensitive data...

Arduino IDE 安全漏洞

Arduino IDE is an Arduino open source development tool. A security vulnerability exists in Arduino IDE versions prior to 2.3.7, which stems from a misconfiguration of security permissions and could result in bypassing macOS hardened runtime protections...

CVE-2025-67568 WordPress Basel theme <= 5.9.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in xtemos Basel basel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Basel: from n/a through = 5.9.1...

CVE-2025-67548 WordPress WP Delicious plugin <= 1.9.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delicious: from n/a through = 1.9.1...

PT-2025-46534

Name of the Vulnerable Software and Affected Versions Spectrum Power versions prior to 4.70 SP12 Update 2 Description The application is susceptible to a local privilege escalation. Incorrectly configured permissions on a binary allow a local attacker to obtain administrative privileges...

What Security Teams Need to Know as PHP and IoT Exploits Surge

Attack automation is accelerating, widening the window between detection and response. Qualys TRU telemetry reveals how these attacks unfold and what defenders can do next. The Qualys Threat Research Unit TRU has identified a sharp increase in attacks targeting PHP servers, IoT devices, and cloud...