CVE-2025-68026

Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LC Wizard: from n/a through = 2.1.1...

CVE-2025-68026

Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LC Wizard: from n/a through = 2.1.1...

CVE-2025-68026 WordPress LC Wizard plugin <= 2.1.1 - Settings Change vulnerability

Missing Authorization vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LC Wizard: from n/a through = 2.1.1...

CVE-2025-68026

CVE-2025-68026 affects the WordPress LC Wizard (GHL Wizard/Connector Wizard) plugin, with affected versions listed as 2.1.1 and earlier. The vulnerability is described as a Missing Authorization issue that allows unauthenticated setting updates due to incorrectly configured access control. Public...

WordPress plugin LC Wizard 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-21075

Name of the Vulnerable Software and Affected Versions LC Wizard versions through 2.1.1 Description An authorization issue exists in LC Wizard that allows exploiting incorrectly configured access control security levels. Recommendations Update to a version later than 2.1.1...

WordPress LC Wizard plugin <= 2.1.1 - Settings Change vulnerability

Settings Change vulnerability discovered by Legion Hunter in WordPress Plugin LC Wizard versions = 2.1.1...

WordPress LC Wizard plugin elevation of privilege vulnerability

WordPress LC Wizard plugin is a plugin with security vulnerabilities. WordPress LC Wizard plugin has an elevation of privilege vulnerability that stems from a missing capability check in the ghl-wizard/inc/wpuser.php file, which can be exploited by an attacker to cause an elevation of privilege...

CVE-2025-5483

The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wpuser.php file in versions 1.2.10 to 1.3.0. This makes it possible for unauthenticated attackers to create new user accounts with the administrator role when the PRO...

CVE-2025-5483

The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wpuser.php file in versions 1.2.10 to 1.3.0. This makes it possible for unauthenticated attackers to create new user accounts with the administrator role when the PRO...

CVE-2025-5483 LC Wizard 1.2.10 - 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation

The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wpuser.php file in versions 1.2.10 to 1.3.0. This makes it possible for unauthenticated attackers to create new user accounts with the administrator role when the PRO...

EUVD-2025-38233

The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wpuser.php file in versions 1.2.10 to 1.3.0. This makes it possible for unauthenticated attackers to create new user accounts with the administrator role when the PRO...

CVE-2025-5483 LC Wizard 1.2.10 - 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation

The LC Wizard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check in the ghl-wizard/inc/wpuser.php file in versions 1.2.10 to 1.3.0. This makes it possible for unauthenticated attackers to create new user accounts with the administrator role when the PRO...

WordPress LC Wizard plugin 1.2.10 - 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation vulnerability

WordPress LC Wizard plugin 1.2.10 - 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin LC Wizard versions 1.2.10-1.3.0...

WordPress plugin LC Wizard 安全漏洞

WordPress LC Wizard plugin is a plugin with security vulnerabilities. WordPress LC Wizard plugin has an elevation of privilege vulnerability that stems from a missing capability check in the ghl-wizard/inc/wpuser.php file, which can be exploited by an attacker to cause an elevation of privilege...

PT-2025-45401

Name of the Vulnerable Software and Affected Versions LC Wizard plugin for WordPress versions 1.2.10 through 1.3.0 Description The LC Wizard plugin for WordPress has a flaw that allows lower-privileged users to escalate to administrator rights. This is due to a missing capability check in the...

EUVD-2025-30579

Malicious code in bioql PyPI...

CVE-2025-58237

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Niaj Morshed LC Wizard ghl-wizard allows Stored XSS.This issue affects LC Wizard: from n/a through = 2.2.4...

WordPress LC Wizard plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin LC Wizard versions = 2.1.3...

CVE-2025-58237

CVE-2025-58237: LC Wizard (Connector Wizard) for WordPress has a stored XSS in LC Wizard/Connector Wizard up to version 1.4.0 (initial cites 1.3.0). Root cause: improper input neutralization during web page generation. Affected plugin: Connector Wizard (formerly LC Wizard); vulnerability context ...