CVE-2025-14361

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

CVE-2025-14361

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

CVE-2025-14361 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerability

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

CVE-2025-14361

CVE-2025-14361 affects the WordPress plugin AA-Team Woocommerce Envato Affiliates (

EUVD-2025-209937

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

CVE-2025-14361 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerability

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerability

Settings Change vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Woocommerce Envato Affiliates versions = 1.2.1...

PT-2026-43413

Name of the Vulnerable Software and Affected Versions Woocommerce Envato Affiliates versions prior to 1.2.2 Description A missing authorization issue allows access to functionality that is not properly constrained by Access Control Lists ACLs, which are sets of rules that define which users or...

WordPress plugin Woocommerce Envato Affiliates 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

WordPress tagDiv Composer plugin <= 5.0 - Reflected Cross-Site Scripting via envato_code[] vulnerability

Reflected Cross-Site Scripting via envatocode vulnerability discovered by Truoc Phan - Techlab Corporation in WordPress Plugin tagDiv Composer versions = 5.0...

CVE-2025-23431

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in khaninejad Envato Affiliater envato-affiliater allows Reflected XSS.This issue affects Envato Affiliater: from n/a through = 1.2.4...

CVE-2025-62755

Missing Authorization vulnerability in GS Plugins GS Portfolio for Envato gs-envato-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Portfolio for Envato: from n/a through = 1.4.2...

CVE-2025-62755

Missing Authorization vulnerability in GS Plugins GS Portfolio for Envato gs-envato-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Portfolio for Envato: from n/a through = 1.4.2...

CVE-2025-62755

CVE-2025-62755 pertains to GS Portfolio for Envato, affecting the plugin up to version 1.4.2. Based on the provided initial document, this is an unauthenticated broken access control vulnerability (unauthorized access to restricted resources/actions) that does not require user credentials. The co...

CVE-2025-62755 WordPress GS Portfolio for Envato plugin <= 1.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in GS Plugins GS Portfolio for Envato gs-envato-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Portfolio for Envato: from n/a through = 1.4.2...

EUVD-2025-206021

Unauthenticated Broken Access Control in GS Portfolio for Envato = 1.4.2 versions...

CVE-2025-62755 WordPress GS Portfolio for Envato plugin <= 1.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in GS Plugins GS Portfolio for Envato gs-envato-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Portfolio for Envato: from n/a through = 1.4.2...

WordPress GS Portfolio for Envato plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin GS Portfolio for Envato versions = 1.4.2...

PT-2025-54372

Name of the Vulnerable Software and Affected Versions GS Portfolio for Envato versions 1.4.2 and earlier Description An unauthenticated broken access control issue exists in GS Portfolio for Envato. This allows unauthorized access to resources. Recommendations Update GS Portfolio for Envato to a...

WordPress plugin GS Portfolio for Envato 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...