Lucene search
K

53 matches found

EUVD
EUVD
added 2026/06/25 1:34 p.m.6 views

EUVD-2026-39398

Improper Access Control vulnerability in Themeisle PPOM for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PPOM for WooCommerce: from n/a through 33.0.18...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 3:16 p.m.15 views

CVE-2026-49045

Missing Authorization vulnerability in WP Media Adminimize allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Adminimize: from n/a through 1.11.11...

4.3CVSS0.00213EPSS
Exploits0References1
CVE
CVE
added 2026/05/25 10:42 p.m.25 views

CVE-2026-32389

The CVE affects WordPress NanoCare theme prior to version 1.2.2, where a Missing Authorization vulnerability enables Broken Access Control due to incorrectly configured access control security levels in NanoCare. Affected component is the NanoCare WordPress theme; root cause is improper authoriza...

5.4CVSS5.8AI score0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 4:32 p.m.10 views

CVE-2026-25431 WordPress Hustle plugin <= 7.8.10.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/15 10:21 a.m.3 views

CVE-2026-40728 WordPress Magazine Blocks plugin <= 1.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through = 1.8.3...

4.3CVSS5.8AI score0.00144EPSS
Exploits0References1
CVE
CVE
added 2026/04/15 10:21 a.m.8 views

CVE-2026-40728

The CVE-2026-40728 entry documents a Missing Authorization vulnerability in the WordPress Magazine Blocks plugin (BlockArt magazine-blocks) affecting versions up to 1.8.3. The issue arises from incorrectly configured access control security levels, enabling exploitation due to insufficient author...

4.3CVSS5.8AI score0.00144EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.1 views

CVE-2026-39610

Missing Authorization vulnerability in Pankaj Kumar WpXmas-Snow wpxmas-snow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpXmas-Snow: from n/a through = 1.1...

5.9AI score0.00214EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.27 views

CVE-2026-39607 WordPress Filter Plus plugin <= 1.1.17 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wpbens Filter Plus filter-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter Plus: from n/a through = 1.1.17...

5.4CVSS0.00168EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:30 a.m.7 views

CVE-2026-39585

The CVE-2026-39585 entry concerns the WordPress Booktics plugin, version range from unknown up to and including 1.0.16, described as a Missing Authorization vulnerability due to incorrectly configured access control. The vulnerability affects Booktics components (booktics) and is characterized by...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:30 a.m.7 views

CVE-2026-39501

CVE-2026-39501 is a Broken Access Control vulnerability affecting WordPress FOX plugin (woocommerce-currency-switcher) versions &lt;= 1.4.5. The root cause is Missing Authorization / incorrectly configured access control, allowing unauthorized access due to insufficient restrictions. Documents co...

5.3CVSS5.9AI score0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.20 views

CVE-2026-39506 WordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...

4.3CVSS0.00165EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39504 WordPress InstaWP Connect plugin <= 0.1.2.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through = 0.1.2.5...

5.4CVSS5.8AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.10 views

CVE-2026-25460

CVE-2026-25460 affects Ave Core (Ave Core plugin) for WordPress, with a Missing Authorization flaw in ave-core that permits exploitation due to incorrectly configured access control/security levels in Ave Core versions up to 2.9.1. The connected documents confirm the vendor/product (Ave Core) and...

6.3CVSS5.8AI score0.00189EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-24972 WordPress Elated Listing plugin <= 1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Elated-Themes Elated Listing eltd-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elated Listing: from n/a through = 1.4...

6.5CVSS5.8AI score0.00269EPSS
Exploits0References1
CVE
CVE
added 2026/03/17 8:24 a.m.9 views

CVE-2026-32586

CVE-2026-32586 describes a Missing Authorization vulnerability in Booster for WooCommerce (WordPress plugin). Affected: Booster for WooCommerce versions prior to 7.11.3. Root cause: incorrectly configured access control/security levels allowing unauthorized actions. Impact: CVSS v3.1 base score 5...

5.3CVSS5.9AI score0.00225EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/13 11:42 a.m.6 views

CVE-2026-32396 WordPress Team plugin <= 5.0.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through = 5.0.13...

5.8AI score0.00199EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 5:53 a.m.10 views

CVE-2026-27388

CVE-2026-27388 : The Red Hat/WordPress data identify a Missing Authorization vulnerability in the DesignThemes Booking Manager plugin (designthemes-booking-manager) up to version 2.0. The issue is described as Broken/Incorrectly Configured Access Control, enabling unauthorized access due to missi...

7.5CVSS5.9AI score0.0038EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.3 views

CVE-2025-69393 WordPress Exzo theme <= 1.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exzo: from n/a through = 1.2.4...

7.5CVSS5.3AI score0.00293EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:46 p.m.11 views

CVE-2025-68048

CVE-2025-68048 involves the WordPress plugin NextMove Lite (XLPlugins)

7.5CVSS5.5AI score0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 2:8 p.m.23 views

CVE-2026-24990 WordPress WP Docs plugin <= 2.2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through = 2.2.8...

5.4CVSS0.0017EPSS
Exploits0References1
Rows per page
Query Builder