Lucene search
K

208 matches found

CVE
CVE
added 2025/04/17 3:48 p.m.51 views

CVE-2025-23773

CVE-2025-23773 concerns the WordPress Delete All Posts plugin (mingocommerce) with versions n/a–1.1.1, where a Missing Authorization vulnerability stems from incorrectly configured access control. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) indicates no network privileges required, ...

6.5CVSS5.8AI score0.00339EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 1:15 p.m.10 views

CVE-2025-39552

Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zephyr Project Manager: from n/a through = 3.3.200...

5.4CVSS0.00314EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 7:28 p.m.65 views

CVE-2025-26901

CVE-2025-26901 (Brizy Pro) is a Missing Authorization vulnerability affecting Brizy Pro versions up to 2.6.1, per Wordfence coverage referencing the Brizy Pro entry. The issue stems from incorrectly configured access control security levels, enabling unauthorized actions without authentication or...

8.8CVSS8.5AI score0.00313EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/04/03 2:15 p.m.9 views

CVE-2025-31794

Missing Authorization vulnerability in Web Ready Now WR Price List Manager For Woocommerce wr-price-list-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WR Price List Manager For Woocommerce: from n/a through = 1.0.8...

5.4CVSS0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 1:35 p.m.8 views

CVE-2025-31618

Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace connector-civicrm-mcrestface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through = 1.0.10...

5.3CVSS7.2AI score0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/01 2:52 p.m.18 views

CVE-2025-31872 WordPress WP Clone any post type Plugin <= 3.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Galaxy Weblinks WP Clone any post type allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Clone any post type: from n/a through 3.4...

5.3CVSS7.1AI score0.00348EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 2:51 p.m.50 views

CVE-2025-31787

Technical details about CVE-2025-31787 are not provided in the connected documents; only the description notes a missing authorization issue in Cue (WordPress Cue plugin) up to version 2.4.4. Monitor for official advisories for specifics.

4.3CVSS7.2AI score0.00396EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 12:4 p.m.12 views

CVE-2025-30777

Authorization Bypass Through User-Controlled Key vulnerability in DevItems Support Genix support-genix-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Support Genix: from n/a through = 1.4.11...

4.3CVSS7.2AI score0.00461EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 11:47 a.m.11 views

CVE-2025-30767

Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through = 5.3.0...

5.4CVSS7.2AI score0.00346EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 2:15 p.m.11 views

CVE-2025-22673

Missing Authorization vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through = 5.3.5...

4.3CVSS0.00247EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/03/27 11:15 a.m.2 views

CVE-2025-30896

Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through = 1.13.4...

5.4CVSS7.2AI score0.00344EPSS
Exploits0References3
NVD
NVD
added 2025/03/24 2:15 p.m.7 views

CVE-2025-30581

Missing Authorization vulnerability in PluginOps Top Bar ultimate-bar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Top Bar: from n/a through = 3.3...

5.3CVSS0.00421EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 4:58 p.m.19 views

CVE-2024-8261

Authorization Bypass Through User-Controlled Key vulnerability in Proliz Software OBS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OBS: before 24.0927...

9.8CVSS5.8AI score0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/24 2:49 p.m.20 views

CVE-2025-26883 WordPress Animated Text Block plugin <= 1.0.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in bPlugins Animated Text Block animated-text-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Text Block: from n/a through = 1.0.7...

6.5CVSS0.00379EPSS
Exploits0References1
NVD
NVD
added 2025/01/31 9:15 a.m.8 views

CVE-2025-22265

Missing Authorization vulnerability in mgplugin EMI Calculator emi-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EMI Calculator: from n/a through = 1.1...

6.5CVSS0.00355EPSS
Exploits0References1
OSV
OSV
added 2025/01/24 6:15 p.m.2 views

CVE-2025-24736

Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Duplicator: from n/a through 2.35...

4.3CVSS5.8AI score0.00323EPSS
Exploits0References1
NVD
NVD
added 2025/01/24 6:15 p.m.24 views

CVE-2025-24591

Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through = 2.7.1...

8.8CVSS0.00481EPSS
Exploits0References1
NVD
NVD
added 2025/01/02 3:15 p.m.13 views

CVE-2023-48758

Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through = 3.2.4...

7.1CVSS0.003EPSS
Exploits0References1
NVD
NVD
added 2025/01/02 12:15 p.m.16 views

CVE-2023-47179

Missing Authorization vulnerability in mdalabar WooODT Lite byconsole-woo-order-delivery-time allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: from n/a through = 2.4.6...

8.8CVSS0.00948EPSS
Exploits1References1
NVD
NVD
added 2025/01/02 12:15 p.m.28 views

CVE-2023-45828

Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through = 6.2.5...

5.4CVSS0.00797EPSS
Exploits1References1
Rows per page
Query Builder