PT-2026-27856

Name of the Vulnerable Software and Affected Versions WPVulnerability versions through 4.2.1 Description An authorization issue exists in Javier Casares WPVulnerability wpvulnerability. The issue stems from incorrectly configured access control security levels, potentially allowing unauthorized...

CVE-2026-24616

Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through = 2.2.0.5...

EUVD-2025-20698

Malicious code in bioql PyPI...

EUVD-2023-43975

Malicious code in bioql PyPI...

EUVD-2022-34830

Malicious code in bioql PyPI...

EUVD-2022-39825

Malicious code in bioql PyPI...

PT-2025-34004 · WordPress · Relywp Coupon Affiliates

Name of the Vulnerable Software and Affected Versions: RelyWP Coupon Affiliates versions through 6.4.0 Description: A missing authorization flaw exists in Elliot Sowersby / RelyWP Coupon Affiliates, allowing exploitation of incorrectly configured access control security levels. Recommendations:...

CVE-2025-20285

A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to bypass configured IP access restrictions and log in to the device from a disallowed IP address. This vulnerability is due to improper enforcement of access controls...

CVE-2025-7076 BlackVue Dashcam 590X Configuration upload.cgi access control

A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.cgi of the component Configuration Handler. The manipulation leads to improper access controls. The attack needs to be initiat...

CVE-2025-48147

Missing Authorization vulnerability in Crypto Cloud CryptoCloud - Crypto Payment Gateway cryptocloud-crypto-payment-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CryptoCloud - Crypto Payment Gateway: from n/a through = 2.1.2...

CVE-2025-49288

Missing Authorization vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Authentication Bypass.This issue affects Ultimate WP Mail: from n/a through = 1.3.5...

PT-2025-24181 · Unknown · Post Grid Master

Name of the Vulnerable Software and Affected Versions: Post Grid Master versions through 3.4.13 Description: The issue is related to Missing Authorization, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions through 3.4.13, update to a...

CVE-2025-5163

A vulnerability, which was classified as problematic, was found in yangshare 技术杨工 warehouseManager 仓库管理系统 1.0. This affects an unknown part. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

CVE-2025-47529

Missing Authorization vulnerability in UX Design Experts Experto CTA Widget - Call To Action, Sticky CTA, Floating Button Plugin experto-cta-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Experto CTA Widget - Call To Action, Sticky CTA, Floating...

CVE-2023-45766

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 4.7.1...

CVE-2022-48615

An improper access control vulnerability exists in a Huawei datacom product. Attackers can exploit this vulnerability to obtain partial device information...

CVE-2025-45614

Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payload...

Exploit for Improper Access Control in Papercut Papercut_Mf

CVE-2023-27350 This PoC demonstrates how it’s possible to byp...

CVE-2025-32246

CVE-2025-32246 concerns a Missing Authorization vulnerability in the WordPress plugin “1-Click Backup & Restore Database” by Tim Nguyen. Affected range is from none specified to 1.0.3. The CVE entry provides a CVSS v3.1 base score of 5.4 (NETWORK, LOW-PRIVILEGES, NONE UI, LOW confidentiality/inte...

CVE-2025-22285

Missing Authorization vulnerability in enituretechnology Pallet Packaging for WooCommerce pallet-packaging-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pallet Packaging for WooCommerce: from n/a through = 1.1.15...