34 matches found
CVE-2024-37496
CVE-2024-37496 concerns the WordPress Metro Magazine theme (
CVE-2026-24985
The CVE-2026-24985 entry describes a Missing Authorization/Broken Access Control vulnerability in the approveme WP Forms Signature Contract Add-On for WordPress, affecting versions up to and including 1.8.2. The issue stems from incorrectly configured access control security levels, enabling unau...
CVE-2026-24985 WordPress WP Forms Signature Contract Add-On plugin <= 1.8.2 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
CVE-2026-24985 WordPress WP Forms Signature Contract Add-On plugin <= 1.8.2 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
WordPress WP Forms Signature Contract Add-On plugin <= 1.8.2 - Broken Access Control to Notice Dismissal vulnerability
Broken Access Control to Notice Dismissal vulnerability discovered by Nabil Irawan in WordPress Plugin WP Forms Signature Contract Add-On versions = 1.8.2...
CVE-2025-64294 WordPress WP Snow Effect plugin <= 1.1.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in d3wp WP Snow Effect wp-snow-effect allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Snow Effect: from n/a through = 1.1.19...
CVE-2025-64294
CVE-2025-64294 – WordPress WP Snow Effect : The WP Snow Effect plugin (d3wp) versions up to and including 1.1.15 suffer a Missing Authorization vulnerability where a user can access functionality not properly constrained by ACLs. The issue is described as missing authorization to access restricte...
CVE-2025-64296 WordPress Facebook for WooCommerce plugin <= 3.5.7 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in Facebook Facebook for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through 3.5.7...
CVE-2025-64296 WordPress Facebook for WooCommerce plugin <= 3.5.7 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in Facebook Facebook for WooCommerce facebook-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through = 3.5.7...
EUVD-2022-46481
Malicious code in bioql PyPI...
CVE-2025-47688 WordPress Advanced File Manager plugin <= 5.3.1 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in Saad Iqbal Advanced File Manager file-manager-advanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced File Manager: from n/a through = 5.3.1...
WordPress Widget Options plugin <= 4.0.8 - Broken Access Control to Notice Dimissal vulnerability
Broken Access Control to Notice Dimissal vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Widget Options versions = 4.0.8...
CVE-2024-38766 WordPress Matomo Analytics plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) leading to Notice Dismissal vulnerability
Cross-Site Request Forgery CSRF vulnerability in Matomo Matomo Analytics allows Cross Site Request Forgery.This issue affects Matomo Analytics: from n/a through 5.1.1...
CVE-2024-37505 WordPress Business One Page theme <= 1.2.9 - Broken Access Control on Notice Dismissal vulnerability
Missing Authorization vulnerability in Rara Themes Business One Page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business One Page: from n/a through 1.2.9...
CVE-2024-49325 WordPress Photo Gallery Builder plugin <= 3.0 - Broken Access Control to Notice Dismissal vulnerability
Missing Authorization vulnerability in wpdiscover Photo Gallery Builder photo-gallery-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Photo Gallery Builder: from n/a through = 3.0...
WordPress Photo Gallery Builder plugin <= 3.0 - Broken Access Control to Notice Dismissal vulnerability
Broken Access Control to Notice Dismissal vulnerability discovered by Marek Mikita Patchstack Alliance in WordPress Plugin Photo Gallery Builder versions = 3.0...
WordPress Matomo Analytics plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) leading to Notice Dismissal vulnerability
Cross Site Request Forgery CSRF leading to Notice Dismissal vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Matomo Analytics versions = 5.1.1...
WordPress Business One Page theme <= 1.2.9 - Broken Access Control on Notice Dismissal vulnerability
Broken Access Control on Notice Dismissal vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Business One Page versions = 1.2.9...
WordPress Metro Magazine theme <= 1.3.7 - Broken Access Control on Notice Dismissal vulnerability
Broken Access Control on Notice Dismissal vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Metro Magazine versions = 1.3.7...
WordPress Bakes And Cakes theme <= 1.2.6 - Broken Access Control on Notice Dismissal vulnerability
Broken Access Control on Notice Dismissal vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Bakes And Cakes versions = 1.2.6...