CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21190 matches found

CVE-2025-53345

Missing Authorization vulnerability leading to code execution after installing malicious vulnerable plugin in ThimPress Thim Core. This issue affects Thim Core: from n/a through 2.3.3...

8.8CVSS6.2AI score0.00066EPSS

Exploits0References2

Vulnrichment•added last week•8 views

CVE-2025-53345 WordPress Thim Core plugin <= 2.3.3 - Arbitrary Plugin Installation vulnerability

Missing Authorization vulnerability leading to code execution after installing malicious vulnerable plugin in ThimPress Thim Core. This issue affects Thim Core: from n/a through 2.3.3...

8.8CVSS6.2AI score0.00066EPSS

Exploits0References1

CVE•added last week•8 views

CVE-2025-53345

CVE-2025-53345: A Missing Authorization flaw in ThimPress Thim Core (WordPress plugin) allows arbitrary code execution when a malicious vulnerable plugin is installed, affecting Thim Core up to version 2.3.3. CVSS v3.1 metrics indicate Network attack vector, Low attack complexity, Privileges Requ...

8.8CVSS6.2AI score0.00066EPSS

Exploits0References1

Cvelist•added last week•36 views

CVE-2025-53345 WordPress Thim Core plugin <= 2.3.3 - Arbitrary Plugin Installation vulnerability

Missing Authorization vulnerability leading to code execution after installing malicious vulnerable plugin in ThimPress Thim Core. This issue affects Thim Core: from n/a through 2.3.3...

8.8CVSS0.00066EPSS

Exploits0References1

EUVD•added last week•7 views

EUVD-2025-210031

Missing Authorization vulnerability leading to code execution after installing malicious vulnerable plugin in ThimPress Thim Core. This issue affects Thim Core: from n/a through 2.3.3...

8.8CVSS6.2AI score0.00066EPSS

Exploits0References1

ATTACKERKB•added last week•6 views

CVE-2025-53302

Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5...

5.3CVSS5.8AI score0.00037EPSS

Exploits0References2

EUVD•added last week•6 views

EUVD-2025-210030

Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5...

5.3CVSS5.8AI score0.00037EPSS

Exploits0References1

CVE•added last week•13 views

CVE-2025-53302

CVE-2025-53302 in WordPress Theme Constructor (<= 1.6.5) is a Missing Authorization / Broken Access Control issue. Publicly disclosed details indicate unauthenticated access to restricted functionality due to ACL constraints, affecting Constructor versions up to 1.6.5. CVSS v3.1 base score is ...

5.3CVSS5.8AI score0.00037EPSS

Exploits0References1

Vulnrichment•added last week•8 views

CVE-2025-53302 WordPress Constructor theme <= 1.6.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5...

5.3CVSS5.8AI score0.00037EPSS

Exploits0References1

CVE•added last week•9 views

CVE-2025-52766

Summary: CVE-2025-52766 affects the WordPress plugin “Printeers Print & Ship” (versions up to 1.17.0). The issue is a Missing Authorization / Broken Access Control vulnerability caused by incorrectly configured access control security levels. The CVSS 3.1 base metrics indicate a network exploit, ...

6.5CVSS5.8AI score0.00029EPSS

Exploits0References1

ATTACKERKB•added last week•6 views

CVE-2025-52766

Missing Authorization vulnerability in Printeers Printeers Print & Ship allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Printeers Print & Ship: from n/a through 1.17.0...

6.5CVSS5.8AI score0.00029EPSS

Exploits0References2

Cvelist•added last week•36 views

CVE-2025-52766 WordPress Printeers Print & Ship plugin <= 1.17.0 - Broken Access Control vulnerability

6.5CVSS0.00029EPSS

Exploits0References1

EUVD•added last week•8 views

EUVD-2025-210034

6.5CVSS5.8AI score0.00029EPSS

Exploits0References1

NVD•added last week•8 views

CVE-2026-9234

The JTL-Connector for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.4.1. This is due to missing capability checks and nonce verification on the adminpostsettingssavewoo-jtl-connector action handled by JtlConnectorAdmin::save and on the...

4.3CVSS0.00035EPSS

Exploits0References6

ATTACKERKB•added last week•7 views

CVE-2026-9234

4.3CVSS5.9AI score0.00035EPSS

Exploits0References7

EUVD•added last week•7 views

EUVD-2026-33886

4.3CVSS5.9AI score0.00035EPSS

Exploits0References6

CVE•added last week•10 views

CVE-2026-9234

The CVE-2026-9234 entry identifies a vulnerability in the WordPress plugin JTL-Connector for WooCommerce (versions up to and including 2.4.1). The issue is Missing Authorization on three actions: admin_post_settings_save_woo-jtl-connector, and the AJAX actions wp_ajax_downloadJTLLogs and wp_ajax_...

4.3CVSS5.9AI score0.00035EPSS

Exploits0References6

Vulnrichment•added last week•6 views

CVE-2026-9234 JTL-Connector for WooCommerce <= 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Settings Modification via Multiple Functions

4.3CVSS5.9AI score0.00035EPSS

Exploits0References6

Positive Technologies•added 2026/06/02 12:0 a.m.•8 views

PT-2026-45721

Missing Authorization vulnerability in ThimPress Thim Core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thim Core: from n/a through 2.3.3...

4.3CVSS5.8AI score0.00029EPSS

Exploits0References2

Positive Technologies•added 2026/06/02 12:0 a.m.•6 views

PT-2026-45720

Missing Authorization vulnerability in ThimPress Thim Core. This issue affects Thim Core: from n/a through 2.3.3...

8.8CVSS5.8AI score0.00066EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by