23 matches found
EUVD-2025-26494
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Password Recovery Exploitation, Brute Force. This issue affects MyRezzta: from s2.03.01 before v2.05.01...
CVE-2026-42749
CVE-2026-42749 concerns a vulnerability in the WordPress plugin “Disable Comments for Any Post Types (Remove comments)” by Themeisle. Connected documents specify a Broken Authentication issue that enables an authentication bypass via an alternate path/channel, with potential for “Password Recover...
PT-2026-43647
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation. This issue affects KiviCare: from n/a through = 4.3.0...
CVE-2026-45217
CVE-2026-45217 concerns the WordPress Stripe Payment Gateway for WooCommerce plugin (≤ 5.0.7). Connected sources describe a Broken Authentication vulnerability allowing an Authentication Bypass via an alternate path or channel, enabling Password Recovery Exploitation. Affected component is the St...
CVE-2026-27073
CVE-2026-27073 is a WordPress plugin issue affecting Addi – Cuotas que se adaptan a ti, 2.0.4. The available connected sources do not provide explicit exploit details or in-the-wild activity beyond the vulnerability description and fixes. If you use this plugin, prioritize upgrading to a non-vul...
PT-2026-27973
Name of the Vulnerable Software and Affected Versions: Addi – Cuotas que se adaptan a ti versions n/a through 2.0.4. Description: A flaw exists in Addi – Cuotas que se adaptan a ti buy-now-pay-later-addi that allows for exploitation of the password recovery function due to the use of hard-coded...
CVE-2025-68895 WordPress AhaChat Messenger Marketing plugin <= 1.1 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in ahachat AhaChat Messenger Marketing ahachat-messenger-marketing allows Password Recovery Exploitation. This issue affects AhaChat Messenger Marketing: from n/a through <= 1.1...
CVE-2025-4319
Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute Force, Password Recovery Exploitation. This issue affects Sufirmam: through 23012026. NOTE: The...
CVE-2025-1928
Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Password Recovery Exploitation. This issue affects Online Food Delivery System: through 19122025...
CVE-2025-1928
Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Password Recovery Exploitation. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this...
CVE-2025-1928
CVE-2025-1928 concerns Restajet Information Technologies Inc. Online Food Delivery System. Multiple connected sources confirm an issue with improper restriction of excessive authentication attempts up to version 19122025, enabling a password recovery exploitation and potentially leading to full a...
CVE-2025-1928 Improper Authentication in Restajet's Online Food Delivery System
Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Password Recovery Exploitation. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this...
PT-2025-52443
Name of the Vulnerable Software and Affected Versions: Restajet Information Technologies Inc. Online Food Delivery System versions through 19122025. Description: An issue exists in Restajet Information Technologies Inc. Online Food Delivery System that allows for Password Recovery Exploitation due t...
CVE-2025-60041 WordPress Emails Catch All plugin <= 3.5.3 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iulia Cazan Emails Catch All emails-catch-all allows Password Recovery Exploitation. This issue affects Emails Catch All: from n/a through <= 3.5.3...
CVE-2025-1740
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Password Recovery Exploitation, Brute Force. This issue affects MyRezzta: from s2.03.01 before v2.05.01...
PT-2025-35704
Name of the Vulnerable Software and Affected Versions: Akinsoft MyRezzta versions s2.03.01 through v2.05.01. Description: An improper restriction of excessive authentication attempts issue exists in Akinsoft MyRezzta, potentially allowing authentication bypass, password recovery exploitation, and...
CVE-2023-6259
Insufficiently Protected Credentials, Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security. This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3...
CVE-2025-2538
A hardcoded credential vulnerability exists in a specific deployment pattern for Esri Portal for ArcGIS versions 11.4 and below that may allow a remote unauthenticated attacker to gain administrative access to the system...
CVE-2023-6259
Insufficiently Protected Credentials, Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security. This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3...
Improper access control
Insufficiently Protected Credentials, Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security. This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3...