21327 matches found
CVE-2026-39614
Missing Authorization vulnerability in ilGhera JW Player for WordPress jw-player-7-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JW Player for WordPress: from n/a through = 2.3.6...
CVE-2026-39608
The CVE-2026-39608 entry concerns the WordPress plugin ipospays-gateways-wc (iPOSPays Gateways WC) for WordPress, affected versions are up to and including 1.3.7. The issue is described as a Missing Authorization vulnerability caused by incorrectly configured access control security levels, i.e.,...
CVE-2026-39610
The CVE-2026-39610 entry concerns the WordPress plugin WpXmas-Snow (versions up to and including 1.1) with a broken access control flaw caused by missing authorization. The vulnerability enables exploitation of incorrectly configured access control security levels in WpXmas-Snow, affecting the pl...
CVE-2026-39609
Summary: CVE-2026-39609 concerns a missing authorization flaw in the WordPress plugin “Wava Payment” (wava-payment), affecting versions up to and including 0.3.7. The root cause is an incorrectly configured access control that allows exploitation of authorization checks. What’s affected: WordPres...
CVE-2026-39610 WordPress WpXmas-Snow plugin <= 1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Pankaj Kumar WpXmas-Snow wpxmas-snow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpXmas-Snow: from n/a through = 1.1...
CVE-2026-39609 WordPress Wava Payment plugin <= 0.3.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wava.co Wava Payment wava-payment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wava Payment: from n/a through = 0.3.7...
CVE-2026-39609
Missing Authorization vulnerability in Wava.co Wava Payment wava-payment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wava Payment: from n/a through = 0.3.7...
CVE-2026-39608
Missing Authorization vulnerability in iPOSPays iPOSpays Gateways WC ipospays-gateways-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iPOSpays Gateways WC: from n/a through = 1.3.7...
EUVD-2026-20246
Missing Authorization vulnerability in Pankaj Kumar WpXmas-Snow wpxmas-snow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpXmas-Snow: from n/a through = 1.1...
CVE-2026-39609 WordPress Wava Payment plugin <= 0.3.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wava.co Wava Payment wava-payment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wava Payment: from n/a through = 0.3.7...
CVE-2026-39610 WordPress WpXmas-Snow plugin <= 1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Pankaj Kumar WpXmas-Snow wpxmas-snow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpXmas-Snow: from n/a through = 1.1...
CVE-2026-39612 WordPress KuteShop theme <= 4.2.9 - Arbitrary Shortcode Execution vulnerability
Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteShop: from n/a through = 4.2.9...
CVE-2026-39608 WordPress iPOSpays Gateways WC plugin <= 1.3.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in iPOSPays iPOSpays Gateways WC ipospays-gateways-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iPOSpays Gateways WC: from n/a through = 1.3.7...
CVE-2026-39610
Missing Authorization vulnerability in Pankaj Kumar WpXmas-Snow wpxmas-snow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpXmas-Snow: from n/a through = 1.1...
CVE-2026-39612
CVE-2026-39612 affects the WordPress theme KuteShop (KuteShop theme) ≤ 4.2.9. Root cause: missing authorization / incorrectly configured access control that enables unauthorized actions. Impact: arbitrary shortcode execution within the affected site. Exploitation details are not provided in the c...
CVE-2026-39607 WordPress Filter Plus plugin <= 1.1.17 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wpbens Filter Plus filter-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter Plus: from n/a through = 1.1.17...
CVE-2026-39605 WordPress Super Custom Login plugin <= 1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through = 1.1...
CVE-2026-39607
Missing Authorization vulnerability in Wpbens Filter Plus filter-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter Plus: from n/a through = 1.1.17...
CVE-2026-39606
Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through = 1.5.13...
CVE-2026-39607 WordPress Filter Plus plugin <= 1.1.17 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wpbens Filter Plus filter-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter Plus: from n/a through = 1.1.17...