CVE-2026-49047

Missing Authorization vulnerability in DearHive DearFlip allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DearFlip: from n/a through 2.4.27...

CVE-2026-23799 WordPress Tutor LMS plugin <= 3.9.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through = 3.9.5...

CVE-2026-25441

CVE-2026-25441 affects the WordPress LeadConnector plugin up to version 3.0.21, described as a Missing Authorization / Broken Access Control vulnerability due to incorrectly configured access control security levels in LeadConnector. Impact noted as unauthorized access potential; no exploitation ...

CVE-2026-25330

CVE-2026-25330 affects the WordPress PublishPress Authors plugin (&lt;= 4.10.1). Described as a Missing Authorization / Broken Access Control vulnerability due to incorrectly configured access control security levels. CVSSv3.1: 4.3 (Medium) with Network attack vector, Privileges Required: Low, Us...

CVE-2026-24605

CVE-2026-24605 concerns WordPress plugin X Addons for Elementor with versions up to 1.0.23. The Red Hat/NVD entries describe a Missing Authorization vulnerability caused by misconfigured access control security levels, enabling unauthorized access. Public feeds corroborate the affected software a...

CVE-2026-24529

CVE-2026-24529 affects the WordPress plugin Quick Restaurant Reservations (

CVE-2025-69188 WordPress fitness-trainer plugin <= 1.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fitness-trainer: from n/a through = 1.7.1...

CVE-2025-69327 WordPress Car Rental Manager plugin <= 1.0.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in magepeopleteam Car Rental Manager car-rental-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Rental Manager: from n/a through = 1.0.9...

CVE-2025-66157

Technical details for CVE-2025-66157 are not provided in the supplied documents; no affected versions, impact, vectors, or fixes are specified. Monitor official updates for additional information.

CVE-2025-62147 WordPress Realbig plugin <= 1.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Nik Melnik Realbig allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through 1.1.3...

CVE-2025-68591 WordPress Simple File List plugin <= 6.1.18 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mitchell Bennis Simple File List simple-file-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple File List: from n/a through = 6.1.18...

CVE-2025-64268 WordPress Timetics plugin <= 1.0.44 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through = 1.0.44...

CVE-2025-62965

Missing Authorization vulnerability in wpseek Admin Management Xtended admin-management-xtended allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin Management Xtended : from n/a through = 2.5.1...

CVE-2023-30870

Missing Authorization vulnerability in Marc dooder Sharkdropship for AliExpress Dropship and Affiliate wooshark-aliexpress-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sharkdropship for AliExpress Dropship and Affiliate: from n/a through =...