PT-2026-21162

Name of the Vulnerable Software and Affected Versions vanquish WooCommerce Bulk Product Editor versions through 3.0 Description The WooCommerce Bulk Product Editor, specifically the woocommerce-quick-product-editor component, exhibits a missing authorization issue. This flaw stems from incorrectl...

PT-2026-21034

Name of the Vulnerable Software and Affected Versions staviravn AIO WP Builder versions through 2.0.2 Description An authorization issue exists in staviravn AIO WP Builder all-in-one-wp-builder, allowing exploitation of incorrectly configured access control security levels. Recommendations Update...

PT-2026-21228

Name of the Vulnerable Software and Affected Versions WP Job Portal versions through 2.4.4 Description The WP Job Portal software contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access. The issue is a missing authorization check...

PT-2026-21078

Name of the Vulnerable Software and Affected Versions Passionate Brains Advanced WC Analytics versions through 3.19.0 Description An authorization issue exists in Passionate Brains Advanced WC Analytics, allowing exploitation due to incorrectly configured access control security levels...

PT-2026-21199

Name of the Vulnerable Software and Affected Versions WP FullCalendar versions through 1.6 Description The WP FullCalendar software contains a missing authorization flaw. This allows exploitation of incorrectly configured access control security levels. No information is available regarding the...

PT-2026-21041

Name of the Vulnerable Software and Affected Versions uixthemes Konte versions through 2.4.6 Description An authorization issue exists in uixthemes Konte. The issue involves incorrectly configured access control security levels, potentially allowing unauthorized access. Recommendations Update...

PT-2026-21169

Name of the Vulnerable Software and Affected Versions Cliengo – Chatbot versions through 3.0.4 Description An authorization issue exists in Cliengo – Chatbot, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update Cliengo – Chatbot to a version...

PT-2026-21025

Name of the Vulnerable Software and Affected Versions Shared Files versions through 1.7.19 Description A missing authorization flaw exists in Anssi Laitila Shared Files shared-files. The issue impacts the application's ability to properly restrict access to resources. Recommendations Update to a...

PT-2026-21130

Name of the Vulnerable Software and Affected Versions ModelTheme Framework versions through 1.9.2 Description An authorization issue exists in the ModelTheme Framework’s modeltheme-framework, allowing exploitation due to incorrectly configured access control security levels. Recommendations Updat...

PT-2026-21166

Name of the Vulnerable Software and Affected Versions AgniHD Cartify - WooCommerce Gutenberg WordPress Theme versions through 1.3 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. This allows for exploitation of the...

PT-2026-21083

Name of the Vulnerable Software and Affected Versions Leadpages versions through 1.1.3 Description A missing authorization issue exists in Leadpages, allowing exploitation of incorrectly configured access control security levels. Recommendations Update Leadpages to a version later than 1.1.3...

CVE-2026-27368

Missing Authorization vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a...

CVE-2026-27387

Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.26...

CVE-2026-27328

Missing Authorization vulnerability in DevsBlink EduBlink edublink allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EduBlink: from n/a through = 2.0.7...

CVE-2026-27387 WordPress DirectoryPress plugin <= 3.6.26 - Broken Access Control vulnerability

Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.26...

CVE-2026-27368

Missing Authorization vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a...

CVE-2026-27387

CVE-2026-27387 affects the WordPress DirectoryPress plugin (versions up to and including 3.6.26). The issue is a Missing Authorization/Broken Access Control vulnerability due to incorrectly configured access control security levels in DirectoryPress directorypress, allowing improper access within...

CVE-2026-27387

Missing Authorization vulnerability in designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through = 3.6.26...

CVE-2026-27368

CVE-2026-27368 concerns the WordPress plugin “Coming Soon Page, Under Construction & Maintenance Mode by SeedProd” (versions up to and including 6.19.8). The Red Hat/NVD/CVE listings describe a Missing Authorization vulnerability caused by incorrectly configured access control, enabling exploitat...

CVE-2026-27328 WordPress EduBlink theme <= 2.0.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in DevsBlink EduBlink edublink allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EduBlink: from n/a through = 2.0.7...