CVE-2026-49045

The CVE-2026-49045 entry concerns the WordPress Adminimize plugin (versions up to 1.11.11). Affected component: Adminimize’s access control logic, with a Missing Authorization / Broken Access Control vulnerability. Root cause: improperly configured access control security levels that allow exploi...

CVE-2026-42726

CVE-2026-42726 describes a Missing Authorization / Broken Access Control in the WordPress plugin AWP Classifieds (versions

PT-2026-43201

Missing Authorization vulnerability in Webful Creations RepairBuddy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RepairBuddy: from n/a through 4.1121...

CVE-2026-24546

The CVE covers WordPress GamiPress plugin versions up to 7.6.3 with a Missing Authorization vulnerability, arising from incorrectly configured access control levels. According to the connected data, the issue affects the GamiPress component (WordPress plugin) and is classified as a network-exploi...

CVE-2026-42377 WordPress SureForms Pro plugin <= 2.8.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Brainstorm Force SureForms Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SureForms Pro: from n/a through 2.8.0...

CVE-2025-62104 WordPress ACF Galerie 4 plugin <= 1.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Navneil Naicker ACF Galerie 4 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ACF Galerie 4: from n/a through 1.4.2...

EUVD-2026-20298

Missing Authorization vulnerability in redpixelstudios RPS Include Content rps-include-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RPS Include Content: from n/a through = 1.2.2...

EUVD-2026-20232

Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through = 3.4.3...

CVE-2026-39715

Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.5.5...

CVE-2026-39701

CVE-2026-39701 pertains to the WordPress ShopWP plugin (wpshopify) with versions up to and including 5.2.4. The issue is a Missing Authorization vulnerability caused by incorrectly configured access control, allowing unauthorized access. Affected software is Andrew ShopWP/WPSHOPIFY (ShopWP). The ...

CVE-2026-39687 WordPress Rapid Car Check Vehicle Data plugin <= 2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Rapid Car Check Rapid Car Check Vehicle Data free-vehicle-data-uk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rapid Car Check Vehicle Data: from n/a through = 2.0...

CVE-2026-39588

Missing Authorization vulnerability in nmerii NM Gift Registry and Wishlist Lite nm-gift-registry-and-wishlist-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NM Gift Registry and Wishlist Lite: from n/a through = 5.13...

PT-2026-31192

CVE-2026-39627 Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe: from n/a thr… https://t.co/kSRi6TSZHk...

CVE-2026-32413

Missing Authorization vulnerability in Maciej Bis Permalink Manager Lite permalink-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Permalink Manager Lite: from n/a through 2.5.3...

CVE-2026-27046 WordPress StoreCustomizer plugin <= 2.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Kaira StoreCustomizer woocustomizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects StoreCustomizer: from n/a through = 2.6.3...

CVE-2026-25462 WordPress avalex plugin <= 3.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in avalex avalex avalex allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects avalex: from n/a through = 3.1.3...

PT-2026-28047

Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LatePoint: from n/a through = 5.2.6...

CVE-2026-32383

Missing Authorization vulnerability in raratheme Ridhi ridhi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ridhi: from n/a through = 1.1.2...

CVE-2026-32391

Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFix: from n/a through 1.2.4...

CVE-2026-32337

CVE-2026-32337 concerns a Missing Authorization vulnerability in the WordPress theme “Preschool and Kindergarten” by raratheme, affecting versions from n/a through