59 matches found
CVE-2022-31708
vRealize Operations vROps contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4...
EUVD-2022-53128
Malicious code in bioql PyPI...
WordPress Tourfic plugin <= 2.14.5 - Missing Authorization in Multiple Functions vulnerability
Missing Authorization in Multiple Functions vulnerability discovered by WordFence in WordPress Plugin Tourfic versions = 2.14.5...
CVE-2025-54037 WordPress News Kit Elementor Addons plugin <= 1.3.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects News Kit Elementor Addons: from n/a through 1.3.4...
WordPress LMSACE Connect plugin <= 3.4 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin LMSACE Connect versions = 3.4...
CVE-2025-29012 WordPress CF7 7 Mailchimp Add-on plugin < 2.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on CF7-mailchimp-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.4...
CVE-2025-3702
CVE-2025-3702 describes a Missing Authorization (broken access control) vulnerability in the WordPress Melapress File Monitor plugin, affecting versions prior to 2.2.0. Multiple sources consolidate the same issue. The root cause is improperly configured access control levels that can be exploited...
WordPress ChatBot plugin <= 6.7.3 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by zaim in WordPress Plugin ChatBot versions = 6.7.3...
CVE-2025-53255 WordPress HurryTimer plugin <= 2.13.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Nabil Lemsieh HurryTimer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HurryTimer: from n/a through 2.13.1...
CVE-2025-49993
CVE-2025-49993 covers a Missing Authorization vulnerability in the WordPress Cookie-Script.com plugin (versions ≤ 1.2.1). Attack surface is the plugin’s access control configuration, described as “Broken/Incorrectly Configured Access Control,” enabling exploitation of insufficient authorization c...
WordPress Cookie-Script.com plugin <= 1.2.1 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin Cookie-Script.com versions = 1.2.1...
CVE-2025-49857 WordPress myCred plugin <= 2.9.4.2 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WPExperts.io myCred allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects myCred: from n/a through 2.9.4.2...
WordPress Audio Editor & Recorder plugin <= 2.2.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Audio Editor & Recorder versions = 2.2.1...
CVE-2025-28995 WordPress Viral Loops WP Integration plugin <= 3.8.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in viralloops Viral Loops WP Integration viral-loops-wp-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Loops WP Integration: from n/a through = 3.8.1...
CVE-2025-48335 WordPress Responsive Plus plugin <= 3.2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in CyberChimps Responsive Plus responsive-add-ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from n/a through = 3.2.0...
WordPress Taskbuilder plugin <= 4.0.7 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Taskbuilder versions = 4.0.7...
WordPress Team Builder plugin <= 1.5.7 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Team Builder versions = 1.5.7...
WordPress Legal Pages plugin <= 1.4.5 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by muhammad yudha in WordPress Plugin Legal Pages versions = 1.4.5...
WordPress Salon Booking Wordpress plugin <= 10.10.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nguyễn Trung Kiên anhchangmutrang in WordPress Plugin Salon Booking Pro versions = 10.10.2...
WordPress ProfileGrid plugin <= 5.9.5.1 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ProfileGrid versions = 5.9.5.1...