21327 matches found
CVE-2026-39504 WordPress InstaWP Connect plugin <= 0.1.2.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through = 0.1.2.5...
CVE-2026-39504
Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through = 0.1.2.5...
CVE-2026-39506
The CVE-2026-39506 entry covers a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin WordPress AI Engine (Pro) / ai-engine-pro. Affected versions are prior to 3.4.2. The root cause is incorrectly configured access control security levels, enabling unauthorized acc...
CVE-2026-39506 WordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jordy Meow AI Engine Pro ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine Pro: from n/a through 3.4.2...
CVE-2026-39488
The CVE-2026-39488 entry concerns the WordPress SureCart plugin (versions up to and including 4.0.2) with a Missing Authorization / Broken Access Control vulnerability. The underlying issue is reportedly misconfigured access control security levels that can be exploited to bypass authorization. C...
CVE-2026-39488 WordPress SureCart plugin <= 4.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through = 4.0.2...
CVE-2026-39485 WordPress Youtube Embed Plus plugin <= 14.2.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in embedplus Youtube Embed Plus youtube-embed-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Youtube Embed Plus: from n/a through = 14.2.4...
CVE-2026-39488
Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through = 4.0.2...
CVE-2026-39485
Missing Authorization vulnerability in embedplus Youtube Embed Plus youtube-embed-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Youtube Embed Plus: from n/a through = 14.2.4...
CVE-2026-39488 WordPress SureCart plugin <= 4.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SureCart: from n/a through = 4.0.2...
CVE-2026-39485 WordPress Youtube Embed Plus plugin <= 14.2.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in embedplus Youtube Embed Plus youtube-embed-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Youtube Embed Plus: from n/a through = 14.2.4...
CVE-2026-39476
Technical details for CVE-2026-39476 are not publicly provided in the supplied documents; monitor for updates from vendors and advisories.
CVE-2026-39477 WordPress CartFlows plugin <= 2.2.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CartFlows: from n/a through = 2.2.3...
CVE-2026-39476 WordPress User Feedback plugin <= 1.10.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through = 1.10.1...
CVE-2026-39476
Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through = 1.10.1...
CVE-2026-39477
Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CartFlows: from n/a through = 2.2.3...
CVE-2026-39476 WordPress User Feedback plugin <= 1.10.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a through = 1.10.1...
CVE-2026-39477 WordPress CartFlows plugin <= 2.2.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CartFlows: from n/a through = 2.2.3...
CVE-2026-39477
CVE-2026-39477 refers to a missing authorization vulnerability in the WordPress plugin CartFlows (Brainstorm Force), affecting CartFlows versions up to 2.2.3. The root cause is an incorrectly configured access-control mechanism that allows exploitation of access levels. CVSS 3.1 base metrics indi...
CVE-2026-3480
The WP Blockade plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 0.9.14. The plugin registers an adminpost action hook 'wp-blockade-shortcode-render' that maps to the rendershortcodepreview function. This function lacks any capability check...