44 matches found
CVE-2025-22741
CVE-2025-22741 concerns a Reflected Cross-Site Scripting in RiceTheme Felan Framework and the WordPress Felan Framework plugin (
WordPress Advanced Scrollbar – Custom Scrollbar Styling and Behavior plugin <= 1.1.3 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Advanced scrollbar versions = 1.1.3...
EUVD-2026-9658
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Equadio equadio allows PHP Local File Inclusion.This issue affects Equadio: from n/a through = 1.1.3...
WordPress Equadio theme <= 1.1.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Equadio versions = 1.1.3...
CVE-2025-68834
Missing Authorization vulnerability in Saiful Islam Sync Master Sheet – Product Sync with Google Sheet for WooCommerce product-sync-master-sheet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sync Master Sheet – Product Sync with Google Sheet for...
CVE-2025-68050 WordPress Leadpages plugin <= 1.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Leadpages Leadpages leadpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadpages: from n/a through = 1.1.3...
WordPress Optimize More! – Images plugin <= 1.1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Optimize More! Images versions = 1.1.3...
WordPress Leadpages plugin <= 1.1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by NumeX in WordPress Plugin Leadpages versions = 1.1.3...
CVE-2025-68882
Missing Authorization vulnerability in Scalenut Scalenut scalenut allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scalenut: from n/a through = 1.1.5...
CVE-2026-24551 WordPress Monetag Official Plugin plugin <= 1.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in monetagwp Monetag Official Plugin monetag-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Monetag Official Plugin: from n/a through = 1.1.3...
CVE-2026-24551
CVE-2026-24551 is a Missing Authorization (Broken Access Control) vulnerability in the Monetag Official Plugin (monetag-official) for WordPress, affecting versions up to and including 1.1.3. Reported issue: access control misconfiguration may allow unauthorized actions, per the vulnerability desc...
WordPress Monetag Official Plugin plugin <= 1.1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Monetag Official Plugin versions = 1.1.3...
CVE-2025-68882
Missing Authorization vulnerability in Scalenut Scalenut scalenut allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scalenut: from n/a through = 1.1.5...
CVE-2025-69043 WordPress Rashy theme <= 1.1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Rashy rashy allows PHP Local File Inclusion.This issue affects Rashy: from n/a through = 1.1.3...
CVE-2025-68882 WordPress Scalenut plugin <= 1.1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Scalenut Scalenut scalenut allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scalenut: from n/a through = 1.1.5...
CVE-2025-23993
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RiceTheme Felan Framework felan-framework allows SQL Injection.This issue affects Felan Framework: from n/a through = 1.1.3...
CVE-2025-23993
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RiceTheme Felan Framework felan-framework allows SQL Injection.This issue affects Felan Framework: from n/a through = 1.1.3...
CVE-2025-23993
CVE-2025-23993 describes an SQL Injection in Felan Framework (RiceTheme Felan) affecting Felan Framework versions from n/a through
CVE-2025-62021 WordPress Acknowledgify plugin <= 1.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Made Neat Acknowledgify acknowledgify.This issue affects Acknowledgify: from n/a through = 1.1.3...
CVE-2025-62021
CVE-2025-62021 describes a Missing Authorization (Broken Access Control) flaw in the WordPress plugin Acknowledgify, affecting versions