1162 matches found
EUVD-2023-50835
Malicious code in bioql PyPI...
CVE-2025-52802
CVE-2025-52802 describes a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin “Import YouTube videos as WP Posts” (versions n/a–2.1). The issue arises from incorrectly configured access control, enabling unauthorized actions that affect WP Posts created via the pl...
CVE-2025-49874
Missing Authorization vulnerability in tychesoftwares Arconix FAQ arconix-faq allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Arconix FAQ: from n/a through = 1.9.6...
CVE-2025-30636
Missing Authorization vulnerability in Ability, Inc Accessibility Suite online-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Suite: from n/a through = 4.19...
CVE-2025-49268
Missing Authorization vulnerability in Soft8Soft LLC Verge3D verge3d allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Verge3D: from n/a through = 4.9.4...
CVE-2025-28985
Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form elastic-email-subscribe-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Subscribe Form: from n/a through = 1.2.2...
CVE-2025-30927
Missing Authorization vulnerability in Wordapp Team Wordapp wordapp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wordapp: from n/a through = 1.7.0...
CVE-2025-29013
CVE-2025-29013 describes a Missing Authorization vulnerability in the faaiq Custom Category/Post Type Post Order plugin for WordPress. The issue stems from insufficient access-control checks when ordering custom categories/posts, enabling unauthorized operations. Affected versions are listed as f...
CVE-2025-49268
CVE-2025-49268 is a missing-authorization (broken access control) vulnerability in Verge3D by Soft8Soft. Affected software: Verge3D Publishing and E‑Commerce, versions up to and including 4.9.4 (historical range listed as from n/a through 4.9.4). Public references indicate unauthorized access con...
CVE-2025-23963
Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through = 2.2.4...
CVE-2025-22721
Missing Authorization vulnerability in Farhan Noor ApplyOnline apply-online allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline: from n/a through = 2.6.7.1...
CVE-2025-24691
Missing Authorization vulnerability in ctltwp People Lists people-lists allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects People Lists: from n/a through = 1.3.10...
CVE-2024-47311
Missing Authorization vulnerability in Kraft Plugins Wheel of Life wheel-of-life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through = 1.1.8...
CVE-2024-37427
Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through 1.0.21...
CVE-2024-37204
Missing Authorization vulnerability in PropertyHive PropertyHive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PropertyHive: from n/a through 2.0.9...
CVE-2024-43310
Missing Authorization vulnerability in UkrSolution Print Barcode Labels for your WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Barcode Labels for your WooCommerce products/orders: from n/a through 3.4.9...
CVE-2024-54298
Missing Authorization vulnerability in sminozzi Car Dealer cardealer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Dealer: from n/a through = 4.46...
CVE-2023-41952
Missing Authorization vulnerability in Contact Form - WPManageNinja LLC FluentForm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through 5.0.8...
CVE-2023-38483
Missing Authorization vulnerability in Dylan Blokhuis Instant CSS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Instant CSS: from n/a through 1.1.4...
CVE-2023-49848
Missing Authorization vulnerability in Marc dooder Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy woo-aliexpress-dropshipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy: fr...