WordPress Brikk theme <= 3.0.0 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Denver Jackson in WordPress Theme Brikk versions = 3.0.0...

CVE-2025-69385

CVE-2025-69385 : Missing Authorization vulnerability in Cartify (WordPress Theme) allows exploitation of misconfigured access control. Affected: Cartify – WooCommerce Gutenberg WordPress Theme, versions n/a through 1.3. Public details in connected sources describe an Arbitrary Content Deletion im...

CVE-2025-67994

CVE-2025-67994 is a confirmed Missing Authorization vulnerability in the WordPress plugin YayCurrency (YayCommerce YayCurrency) affecting YayCurrency versions up to and including 3.3, allowing unauthorized content deletion. Red Hat/NVD/NVD-derived and CVE databases reference the same issue; Wordf...

CVE-2025-67994 WordPress YayCurrency plugin <= 3.3 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in YayCommerce YayCurrency yaycurrency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayCurrency: from n/a through = 3.3...

WordPress YayCurrency plugin <= 3.3 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Denver Jackson in WordPress Plugin YayCurrency versions = 3.3...

WordPress Cartify - WooCommerce Gutenberg WordPress Theme theme <= 1.3 - Arbitrary Content Deletion vulnerability

WordPress Cartify - WooCommerce Gutenberg WordPress Theme theme = 1.3 - Arbitrary Content Deletion vulnerability discovered by Denver Jackson in WordPress Theme Cartify - WooCommerce Gutenberg WordPress Theme versions = 1.3...

CVE-2025-68013 WordPress Payment Gateway Authorize.Net CIM for WooCommerce plugin <= 2.1.2 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Authorize.Net CIM for WooCommerce: from n/a through = 2.1.2...

CVE-2025-22715 WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal donations WPAttractiveDonationsSystem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Attractive Donations System - Easy Stripe & Paypal donations: fro...

WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - Arbitrary Content Deletion vulnerability

WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin = 1.25 - Arbitrary Content Deletion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Attractive Donations System - Easy Stripe & Paypal donations versions = 1.25...

CVE-2025-64214 WordPress MasterStudy LMS Pro plugin < 4.7.16 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro masterstudy-lms-learning-management-system-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MasterStudy LMS Pro: from n/a through 4.7.16...

CVE-2025-64214

CVE-2025-64214 concerns the WordPress MasterStudy LMS Pro plugin (masterstudy-lms-learning-management-system-pro) prior to version 4.7.16. The issue is a Missing Authorization vulnerability that allows Accessing Functionality Not Properly Constrained by ACLs, effectively enabling arbitrary conten...

CVE-2025-58877 WordPress Javo Core plugin <= 3.0.0.529 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in javothemes Javo Core javo-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Javo Core: from n/a through = 3.0.0.529...

CVE-2025-54741 WordPress Super Blank Plugin <= 1.2.0 - Arbitrary Content Deletion Vulnerability

Missing Authorization vulnerability in Tyler Moore Super Blank super-blank allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Blank: from n/a through = 1.2.0...

CVE-2025-64251

CVE-2025-64251 concerns a missing/incorrectly configured Authorization in the WordPress plugin Ultimate Learning Pro by azzaroco, affected versions up to and including 3.9.3. The connected sources describe an access control security level misconfiguration that could enable exploitation of authori...

CVE-2025-64251 WordPress Ultimate Learning Pro plugin <= 3.9.3 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Learning Pro: from n/a through = 3.9.3...

CVE-2025-64251 WordPress Ultimate Learning Pro plugin <= 3.9.3 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in azzaroco Ultimate Learning Pro indeed-learning-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Learning Pro: from n/a through = 3.9.3...

WordPress Animation Addons for Elementor plugin <= 2.4.5 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Denver Jackson in WordPress Plugin Animation Addons for Elementor versions = 2.4.5...

CVE-2025-67540 WordPress Animation Addons for Elementor plugin <= 2.4.5 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...

WordPress WooCommerce Recover Abandoned Cart plugin <= 24.6.0 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Denver Jackson in WordPress Plugin WooCommerce Recover Abandoned Cart versions = 24.6.0...

CVE-2025-62046 WordPress TheGem Demo Import (for WPBakery) plugin <= 5.10.5 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in CodexThemes TheGem Demo Import for WPBakery thegem-importer.This issue affects TheGem Demo Import for WPBakery: from n/a through = 5.10.5...