CVE-2025-67973 WordPress Sunshine Photo Cart plugin <= 3.5.6.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through = 3.5.6.2...

CVE-2025-67974 WordPress WPLegalPages plugin <= 3.5.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Legal Pages WPLegalPages wplegalpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLegalPages: from n/a through = 3.5.4...

CVE-2025-67973 WordPress Sunshine Photo Cart plugin <= 3.5.6.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through = 3.5.6.2...

CVE-2025-67974 WordPress WPLegalPages plugin <= 3.5.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Legal Pages WPLegalPages wplegalpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLegalPages: from n/a through = 3.5.4...

CVE-2025-67972

Missing Authorization vulnerability in Zoho Mail Zoho ZeptoMail allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zoho ZeptoMail: from n/a through 3.2.9...

CVE-2025-67970

CVE-2025-67970 is a real vulnerability in vertim Schedula schedula-smart-appointment-booking (WordPress plugin) with Broken/ Missing Authorization due to incorrectly configured access control. Affected versions are schedula-smart-appointment-booking up to and including 1.0. The Red Hat and CVE ec...

CVE-2025-67970 WordPress Schedula plugin <= 1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in vertim Schedula schedula-smart-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Schedula: from n/a through = 1.0...

CVE-2025-67970 WordPress Schedula plugin <= 1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in vertim Schedula schedula-smart-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Schedula: from n/a through = 1.0...

CVE-2025-67624 WordPress Optimize More! – Images plugin <= 1.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arya Dhiratara Optimize More! – Images optimize-more-images allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Optimize More! – Images: from n/a through = 1.1.3...

CVE-2025-67624

CVE-2025-67624 : WordPress plugin Optimize More! – Images

CVE-2025-67547 WordPress Konte theme <= 2.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in uixthemes Konte konte allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Konte: from n/a through = 2.4.6...

CVE-2025-67547

CVE-2025-67547 is a Missing Authorization / Broken Access Control vulnerability affecting WordPress Konte theme versions through 2.4.6. Red Hat/Red Hat Nexus entries reiter this issue as affected Konte up to v2.4.6 with similar wording. PATCHSTACK and CVE listings indicate an unauthorized access ...

CVE-2025-67547 WordPress Konte theme <= 2.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in uixthemes Konte konte allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Konte: from n/a through = 2.4.6...

CVE-2025-53217 WordPress AIO WP Builder Plugin <= 2.0.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO WP Builder: from n/a through = 2.0.2...

CVE-2025-53217 WordPress AIO WP Builder Plugin <= 2.0.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO WP Builder: from n/a through = 2.0.2...

CVE-2025-53217

The CVE-2025-53217 entry concerns the WordPress plugin AIO WP Builder (staviravn all-in-one-wp-builder) with versions up to and including 2.0.2, where a Missing Authorization vulnerability allows exploitation of incorrectly configured access control. The root cause is broken access control in the...

CVE-2024-54222 WordPress Seraphinite Accelerator plugin <= 2.22.15 - Authenticated Sensitive Data Exposure vulnerability

Missing Authorization vulnerability in Seraphinite Solutions Seraphinite Accelerator seraphinite-accelerator allows Retrieve Embedded Sensitive Data.This issue affects Seraphinite Accelerator: from n/a through = 2.22.15...

CVE-2024-54222 WordPress Seraphinite Accelerator plugin <= 2.22.15 - Authenticated Sensitive Data Exposure vulnerability

Missing Authorization vulnerability in Seraphinite Solutions Seraphinite Accelerator seraphinite-accelerator allows Retrieve Embedded Sensitive Data.This issue affects Seraphinite Accelerator: from n/a through = 2.22.15...

CVE-2024-43228

CVE-2024-43228 is a Missing Authorization (Broken Access Control) vulnerability in WordPress SecuPress Free, affecting SecuPress Free versions through 2.2.5.3. The issue is confirmed by NVD/Red Hat entries with the same description and a CVSS v3.1 base score of 5.3 (Medium). No exploit details ar...

CVE-2024-43228 WordPress SecuPress Free plugin <= 2.2.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in SecuPress SecuPress Free secupress.This issue affects SecuPress Free: from n/a through = 2.2.5.3...