CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2026-40786 WordPress MyRewards plugin <= 5.7.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Long Watch Studio MyRewards woorewards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MyRewards: from n/a through = 5.7.3...

4.3CVSS0.00141EPSS

ATTACKERKB•added 2026/04/15 10:21 a.m.•2 views

CVE-2026-40786

5.8AI score0.00141EPSS

CVE•added 2026/04/15 10:21 a.m.•15 views

CVE-2026-40786

CVE-2026-40786 corresponds to a Missing Authorization vulnerability in the WordPress MyRewards plugin (woorewards) with affected versions cited as ≤ 5.7.3 and a potential impact from misconfigured access control levels. Multiple connected sources (RH, NVD, CVE lists, PATCHSTACK, PT-SEC) consisten...

4.3CVSS5.8AI score0.00141EPSS

Vulnrichment•added 2026/04/15 10:21 a.m.•0 views

CVE-2026-40786 WordPress MyRewards plugin <= 5.7.3 - Broken Access Control vulnerability

5.8AI score0.00141EPSS

CVE•added 2026/04/15 10:21 a.m.•5 views

CVE-2026-40763

CVE-2026-40763 affects the WordPress plugin Royal Elementor Addons (royal-elementor-addons) up to version 1.7.1056. The issue is described as a Missing Authorization vulnerability caused by broken or incorrectly configured access control within the plugin, enabling unauthorized access due to priv...

5.3CVSS5.8AI score0.00178EPSS

CVE-2026-40778 WordPress Majestic Support plugin <= 1.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Majestic Support: from n/a through = 1.1.2...

5.3CVSS0.00163EPSS

ATTACKERKB•added 2026/04/15 10:21 a.m.•0 views

CVE-2026-40763

Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through = 1.7.1056...

5.8AI score0.00178EPSS

ATTACKERKB•added 2026/04/15 10:21 a.m.•2 views

CVE-2026-40778

5.8AI score0.00163EPSS

Vulnrichment•added 2026/04/15 10:21 a.m.•1 views

CVE-2026-40763 WordPress Royal Elementor Addons plugin <= 1.7.1056 - Broken Access Control vulnerability

5.8AI score0.00178EPSS

CVE•added 2026/04/15 10:21 a.m.•12 views

CVE-2026-40778

CVE-2026-40778 concerns the WordPress Majestic Support plugin with versions prior to 1.1.3 (i.e.,

5.3CVSS5.8AI score0.00163EPSS

CVE•added 2026/04/15 10:21 a.m.•5 views

CVE-2026-40742

Nelio AB Testing WordPress plugin

5.3CVSS5.8AI score0.00187EPSS

CVE•added 2026/04/15 10:21 a.m.•4 views

CVE-2026-40740

CVE-2026-40740 concerns a Missing Authorization vulnerability in Themeum Tutor LMS WordPress plugin

5.4CVSS5.8AI score0.00177EPSS

Cvelist•added 2026/04/15 10:21 a.m.•33 views

CVE-2026-40740 WordPress Tutor LMS plugin <= 3.9.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through = 3.9.7...

5.4CVSS0.00177EPSS

ATTACKERKB•added 2026/04/15 10:21 a.m.•1 views

CVE-2026-40740

Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through = 3.9.7...

5.8AI score0.00177EPSS

Vulnrichment•added 2026/04/15 10:21 a.m.•0 views

CVE-2026-40742 WordPress Nelio AB Testing plugin <= 8.2.8 - Sensitive Data Exposure vulnerability

Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio AB Testing: from n/a through = 8.2.8...

5.8AI score0.00187EPSS

Vulnrichment•added 2026/04/15 10:21 a.m.•1 views

CVE-2026-40740 WordPress Tutor LMS plugin <= 3.9.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through = 3.9.7...

5.8AI score0.00177EPSS

CVE-2026-40742 WordPress Nelio AB Testing plugin <= 8.2.8 - Sensitive Data Exposure vulnerability

5.3CVSS0.00187EPSS

CVE•added 2026/04/15 10:21 a.m.•4 views

CVE-2026-40728

The CVE-2026-40728 entry documents a Missing Authorization vulnerability in the WordPress Magazine Blocks plugin (BlockArt magazine-blocks) affecting versions up to 1.8.3. The issue arises from incorrectly configured access control security levels, enabling exploitation due to insufficient author...

4.3CVSS5.8AI score0.00144EPSS

CVE-2026-40730 WordPress ThemeGrill Demo Importer plugin <= 2.0.0.6 - Broken Access Control vulnerability

5.3CVSS0.00195EPSS