Lucene search
+L

150 matches found

CVE
CVE
added 2026/01/23 2:29 p.m.14 views

CVE-2026-24605

CVE-2026-24605 concerns WordPress plugin X Addons for Elementor with versions up to 1.0.23. The Red Hat/NVD entries describe a Missing Authorization vulnerability caused by misconfigured access control security levels, enabling unauthorized access. Public feeds corroborate the affected software a...

4.3CVSS5.4AI score0.0025EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:28 p.m.4 views

CVE-2026-24532

Missing Authorization vulnerability in SiteLock SiteLock Security – WP Hardening, Login Security & Malware Scans allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security – WP Hardening, Login Security & Malware Scans: from n/a through 5.0.2...

8.8CVSS5.4AI score0.00235EPSS
Exploits0References3
CVE
CVE
added 2026/01/23 2:28 p.m.20 views

CVE-2026-24529

CVE-2026-24529 affects the WordPress plugin Quick Restaurant Reservations (

5.3CVSS5.4AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.20 views

CVE-2026-22461 WordPress CTX Feed plugin <= 6.6.18 - Broken Access Control vulnerability

Missing Authorization vulnerability in WebAppick CTX Feed webappick-product-feed-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CTX Feed: from n/a through = 6.6.18...

5.3CVSS0.00314EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.2 views

CVE-2026-22396

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Fiorello fiorello allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fiorello: from n/a through = 1.0...

5.4CVSS5.3AI score0.00229EPSS
Exploits0References2
CVE
CVE
added 2026/01/22 4:52 p.m.16 views

CVE-2025-69188

CVE-2025-69188 is a WordPress plugin issue in the Fitness Trainer plugin (eCommerce/fitness plugin) labeled as a Missing Authorization vulnerability. Affected versions are &lt;= 1.7.1. The security issue stems from incorrectly configured access control security levels, enabling unauthorized actio...

7.3CVSS5.4AI score0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.2 views

CVE-2025-69188 WordPress fitness-trainer plugin <= 1.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fitness-trainer: from n/a through = 1.7.1...

7.3CVSS5.9AI score0.00219EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.8 views

CVE-2025-67967

CVE-2025-67967 is a Missing Authorization/Broken Access Control vulnerability in the WordPress plugin e-plugins Lawyer Directory (lawyer-directory) affecting versions up through 1.3.3. Root cause: incorrectly configured access control security levels allowing unauthorized privilege escalation. Pu...

7.6CVSS5.4AI score0.00325EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/08 4:23 p.m.4 views

CVE-2026-22492 WordPress Docket Cache plugin <= 24.07.04 - Broken Access Control vulnerability

Missing Authorization vulnerability in Nawawi Jamili Docket Cache docket-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Docket Cache: from n/a through = 24.07.04...

4.3CVSS5.9AI score0.00256EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/06 4:36 p.m.33 views

CVE-2025-69355 WordPress Tickera plugin <= 3.5.6.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through = 3.5.6.4...

4.3CVSS0.00155EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/06 4:36 p.m.27 views

CVE-2025-69327 WordPress Car Rental Manager plugin <= 1.0.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in magepeopleteam Car Rental Manager car-rental-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Rental Manager: from n/a through = 1.0.9...

4.3CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/05 10:24 a.m.27 views

CVE-2025-31046 WordPress AnyWhere Elementor Pro plugin <= 2.29 - Broken Access Control Vulnerability

Missing Authorization vulnerability in WPvibes AnyWhere Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyWhere Elementor Pro: from n/a through 2.29...

4.3CVSS0.00155EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 6:35 p.m.3 views

CVE-2025-66150 WordPress Appender plugin <= 1.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Appender appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through = 1.1.1...

5.4CVSS5.1AI score0.00173EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 4:58 p.m.31 views

CVE-2025-66157

Technical details for CVE-2025-66157 are not provided in the supplied documents; no affected versions, impact, vectors, or fixes are specified. Monitor official updates for additional information.

5.4CVSS5.9AI score0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 3:1 p.m.3 views

CVE-2025-62147 WordPress Realbig plugin <= 1.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Nik Melnik Realbig allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through 1.1.3...

5.3CVSS6.6AI score0.00176EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/30 10:47 a.m.3 views

CVE-2025-69024 WordPress BizPrint plugin <= 4.6.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in bizswoop BizPrint print-google-cloud-print-gcp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizPrint: from n/a through = 4.6.7...

6.5CVSS6.6AI score0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.4 views

CVE-2025-68591 WordPress Simple File List plugin <= 6.1.18 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mitchell Bennis Simple File List simple-file-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple File List: from n/a through = 6.1.18...

5.4CVSS5.9AI score0.00214EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.3 views

CVE-2025-68587 WordPress Watu Quiz plugin <= 3.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watu Quiz: from n/a through = 3.4.5...

4.3CVSS6.6AI score0.00189EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.3 views

CVE-2025-68572 WordPress BBP Core plugin <= 1.4.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Spider Themes BBP Core bbp-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BBP Core: from n/a through = 1.4.1...

5.3CVSS6.6AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 12:31 p.m.31 views

CVE-2025-68535 WordPress Sunshine Photo Cart plugin <= 3.5.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through = 3.5.7.1...

4.3CVSS0.00162EPSS
Exploits0References1
Rows per page
Query Builder