CVE-2025-69385

CVE-2025-69385 : Missing Authorization vulnerability in Cartify (WordPress Theme) allows exploitation of misconfigured access control. Affected: Cartify – WooCommerce Gutenberg WordPress Theme, versions n/a through 1.3. Public details in connected sources describe an Arbitrary Content Deletion im...

CVE-2025-69388

CVE-2025-69388 affects WordPress Cliengo – Chatbot plugin

CVE-2025-69388 WordPress Cliengo – Chatbot plugin <= 3.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in cliengo Cliengo – Chatbot cliengo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cliengo – Chatbot: from n/a through = 3.0.4...

CVE-2025-69385 WordPress Cartify - WooCommerce Gutenberg WordPress Theme theme <= 1.3 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in AgniHD Cartify - WooCommerce Gutenberg WordPress Theme cartify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cartify - WooCommerce Gutenberg WordPress Theme: from n/a through = 1.3...

CVE-2025-69388 WordPress Cliengo – Chatbot plugin <= 3.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in cliengo Cliengo – Chatbot cliengo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cliengo – Chatbot: from n/a through = 3.0.4...

CVE-2025-69385 WordPress Cartify - WooCommerce Gutenberg WordPress Theme theme <= 1.3 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in AgniHD Cartify - WooCommerce Gutenberg WordPress Theme cartify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cartify - WooCommerce Gutenberg WordPress Theme: from n/a through = 1.3...

CVE-2025-69381 WordPress WooCommerce Bulk Product Editor plugin <= 3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in vanquish WooCommerce Bulk Product Editor woocommerce-quick-product-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Bulk Product Editor: from n/a through = 3.0...

CVE-2025-69303 WordPress ModelTheme Framework plugin < 2.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in modeltheme ModelTheme Framework modeltheme-framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ModelTheme Framework: from n/a through 2.0.0...

CVE-2025-69303 WordPress ModelTheme Framework plugin < 2.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in modeltheme ModelTheme Framework modeltheme-framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ModelTheme Framework: from n/a through 2.0.0...

CVE-2025-69303

CVE-2025-69303 is a Missing Authorization/Broken Access Control vulnerability in the WordPress ModelTheme Framework plugin (versions up to 1.9.2, prior to 2.0.0). Root cause: incorrectly configured access control security levels allowing unauthorized access. Impact per sources: High confidentiali...

CVE-2025-69297

CVE-2025-69297 concerns the WordPress Aardvark Plugin (aardvark-plugin) with versions through 2.19, due to Missing Authorization that enables broken access control. The issue affects GhostPool Aardvark Plugin and is described as an Incorrectly Configured Access Control Security Levels vulnerabili...

CVE-2025-69298 WordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through = 6.56.4...

CVE-2025-69297 WordPress Aardvark Plugin plugin <= 2.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in GhostPool Aardvark Plugin aardvark-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aardvark Plugin: from n/a through = 2.19...

CVE-2025-69297 WordPress Aardvark Plugin plugin <= 2.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in GhostPool Aardvark Plugin aardvark-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aardvark Plugin: from n/a through = 2.19...

CVE-2025-69063

CVE-2025-69063 concerns the WordPress plugin New User Approve (versions

CVE-2025-69063 WordPress New User Approve plugin <= 3.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through = 3.2.0...

CVE-2025-69063 WordPress New User Approve plugin <= 3.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through = 3.2.0...

CVE-2025-68837

CVE-2025-68837 affects ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System (plugin) up to and including version 3.3.5, with a Missing Authorization / Broken Access Control vulnerability. The issue allows exploitation of incorrectly configured access control security levels (as descri...

CVE-2025-68834 WordPress Sync Master Sheet – Product Sync with Google Sheet for WooCommerce plugin <= 1.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saiful Islam Sync Master Sheet – Product Sync with Google Sheet for WooCommerce product-sync-master-sheet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sync Master Sheet – Product Sync with Google Sheet for...

CVE-2025-68564 WordPress Sendy plugin <= 3.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through = 3.4.2...