5304 matches found
CVE-2026-11966 User Registration & Membership < 5.2.3 - Unauthenticated Limited User Deletion via Stripe Subscription Handler
The User Registration & Membership WordPress plugin before 5.2.3 does not perform a capability check for unauthenticated callers on one of its membership payment actions and acts on a caller-supplied user identifier, allowing unauthenticated attackers to delete recently-registered, payment-pendin...
EUVD-2026-45147
The User Registration & Membership WordPress plugin before 5.2.3 does not perform a capability check for unauthenticated callers on one of its membership payment actions and acts on a caller-supplied user identifier, allowing unauthenticated attackers to delete recently-registered, payment-pendin...
CVE-2026-11966
The User Registration & Membership WordPress plugin before 5.2.3 does not perform a capability check for unauthenticated callers on one of its membership payment actions and acts on a caller-supplied user identifier, allowing unauthenticated attackers to delete recently-registered, payment-pendin...
CVE-2026-15982 Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit <= 2.8.4 - Unauthenticated Privilege Escalation via 'aiomatic_call_google_ai_function'
The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomaticcallgoogleaifunction' function. This makes ...
CVE-2026-15982
The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomaticcallgoogleaifunction' function. This makes ...
Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit - Broken Access Control
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the installoractivateaddonplugins function and a weak nonce hash in all...
CVE-2026-8616
The CVE-2026-8616 entry concerns the Fense Proxy & VPN Blocker WordPress plugin. Affected versions are up to 3.0.1, where the fense_bpvt_save_settings() AJAX handler lacks a capability check and nonce validation. The callback is registered for both wp_ajax_* and wp_ajax_nopriv_* and unconditional...
EUVD-2026-45126
The Fense Proxy & VPN Blocker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce validation on the fensebpvtsavesettings function in versions up to, and including, 3.0.1. The callback is registered to both wpajax and...
CVE-2026-12906
The CVE-2026-12906 entry concerns RTMKit Addons for Elementor for WordPress. It affects the plugin prior to version 2.0.9, where an AJAX action does not perform a necessary capability check and returns a post identifier supplied in the request. This allows users with at least the Contributor role...
CVE-2026-12907
CVE-2026-12907 affects the RTMKit WordPress plugin prior to 2.0.9. The root cause is a missing capability check on a -builder AJAX action, allowing users with at least the Author role to create and activate a site-wide template that can override header, footer, or other global areas served to all...
EUVD-2026-44880
The RTMKit WordPress plugin before 2.0.9 does not perform a proper capability check on one of its -builder AJAX actions, allowing users with at least the Author role to create and activate a site-wide template that overrides the header, footer or other global areas displayed to all visitors, whic...
CVE-2026-12906 RTMKit Addons for Elementor < 2.0.9 - Contributor+ Private Post Title Disclosure
The RTMKit WordPress plugin before 2.0.9 does not perform a capability check in one of its AJAX actions and resolves a request-supplied post identifier directly, allowing users with at least the Contributor role to read the titles of other users' private, draft, pending, scheduled and trashed pos...
CVE-2026-12907 RTMKit Addons for Elementor < 2.0.9 - Author+ Site-Wide Theme Builder Template Creation and Activation
The RTMKit WordPress plugin before 2.0.9 does not perform a proper capability check on one of its -builder AJAX actions, allowing users with at least the Author role to create and activate a site-wide template that overrides the header, footer or other global areas displayed to all visitors, whic...
EUVD-2026-44879
The RTMKit WordPress plugin before 2.0.9 does not perform a capability check in one of its AJAX actions and resolves a request-supplied post identifier directly, allowing users with at least the Contributor role to read the titles of other users' private, draft, pending, scheduled and trashed pos...
CVE-2026-11802
The CVE covers the FoodBook Lite WordPress plugin (up to version 1.5.6). The registration() function exposed via the wp_ajax_nopriv_registration_action AJAX action lacks nonce verification, lacks capability checks, and does not honor WordPress users_can_register before calling wp_insert_user(). T...
CVE-2026-1359
The Genolve – AI image AI video generation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the genolvesetOpt function in all versions up to, and including, 5.0.5. This makes it possible for authenticated attackers, with Contributor-leve...
CVE-2026-1359 Genolve – AI image AI video generation <= 5.0.5 - Authenticated (Contributor+) Incorrect Authorization to Privilege Escalation via theopt
The Genolve – AI image AI video generation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the genolvesetOpt function in all versions up to, and including, 5.0.5. This makes it possible for authenticated attackers, with Contributor-leve...
EUVD-2026-43166
The Genolve – AI image AI video generation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the genolvesetOpt function in all versions up to, and including, 5.0.5. This makes it possible for authenticated attackers, with Contributor-leve...
CVE-2026-1832
The ThriveDesk – Live Chat, AI Chatbot, Helpdesk & Knowledge Base plugin for WordPress is vulnerable to unauthorized cache deletion due to a missing capability check on the 'thrivedeskclearcache' AJAX action in all versions up to, and including, 2.1.7. This makes it possible for authenticated...
CVE-2026-3552
The SurfLink - Ultimate Link Manager plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the ajaximport410 function in all versions up to 2.6.0. This is due to a missing capability check currentusercan and missing nonce verification...