CVE-2026-27390

Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through = 1.0.1...

CVE-2026-27983

Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro allows Privilege Escalation.This issue affects LMS Elementor Pro: from n/a through = 1.0.4...

CVE-2026-27388

Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through = 2.0...

CVE-2026-22473

Deserialization of Untrusted Data vulnerability in designthemes Dental Clinic dental allows Object Injection.This issue affects Dental Clinic: from n/a through = 3.7...

EUVD-2026-9653

Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro allows Privilege Escalation.This issue affects LMS Elementor Pro: from n/a through = 1.0.4...

EUVD-2026-9640

Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through = 2.0...

CVE-2026-27983

Incorrect Privilege Assignment vulnerability in designthemes LMS Elementor Pro lms-elementor-pro allows Privilege Escalation.This issue affects LMS Elementor Pro: from n/a through = 1.0.4...

CVE-2026-27386

Missing Authorization vulnerability in designthemes DesignThemes Directory Addon designthemes-directory-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Directory Addon: from n/a through = 1.8...

CVE-2026-27389

Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through = 1.0.1...

CVE-2026-27385

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes DesignThemes Portfolio designthemes-portfolio allows Reflected XSS.This issue affects DesignThemes Portfolio: from n/a through = 1.3...

CVE-2026-22473

Deserialization of Untrusted Data vulnerability in designthemes Dental Clinic dental allows Object Injection.This issue affects Dental Clinic: from n/a through = 3.7...

CVE-2026-27983

CVE-2026-27983 is an unauthenticated privilege-escalation vulnerability in the WordPress plugin LMS Elementor Pro (

CVE-2026-27388 WordPress DesignThemes Booking Manager plugin <= 2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through = 2.0...

CVE-2026-27388

Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through = 2.0...

CVE-2026-27388 WordPress DesignThemes Booking Manager plugin <= 2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through = 2.0...

CVE-2026-27390

Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through = 1.0.1...

CVE-2026-27388

CVE-2026-27388 : The Red Hat/WordPress data identify a Missing Authorization vulnerability in the DesignThemes Booking Manager plugin (designthemes-booking-manager) up to version 2.0. The issue is described as Broken/Incorrectly Configured Access Control, enabling unauthorized access due to missi...

CVE-2026-27386 WordPress DesignThemes Directory Addon plugin <= 1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in designthemes DesignThemes Directory Addon designthemes-directory-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Directory Addon: from n/a through = 1.8...

CVE-2026-27385 WordPress DesignThemes Portfolio plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes DesignThemes Portfolio designthemes-portfolio allows Reflected XSS.This issue affects DesignThemes Portfolio: from n/a through = 1.3...

CVE-2026-27386 WordPress DesignThemes Directory Addon plugin <= 1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in designthemes DesignThemes Directory Addon designthemes-directory-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Directory Addon: from n/a through = 1.8...