21393 matches found
CVE-2026-25367
CVE-2026-25367 is a missing-authorization/broken access control vulnerability in the WordPress CitiLights theme by NooTheme (CitiLights
CVE-2026-25364
The CVE-2026-25364 issue affects WordPress Client Invoicing by Sprout Invoices (sprout-invoices)
CVE-2026-25368
CVE-2026-25368 is a WordPress vulnerability in the Calculated Fields Form plugin (versions up to and including 5.4.4.1) described as a Missing Authorization / Broken Access Control issue. The advisory notes that an attacker could exploit misconfigured access controls within Calculated Fields Form...
CVE-2026-25367 WordPress CitiLights theme < 3.7.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in NooTheme CitiLights noo-citilights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CitiLights: from n/a through 3.7.2...
CVE-2026-25363 WordPress FooGallery plugin <= 3.1.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25364 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.8...
CVE-2026-25367 WordPress CitiLights theme < 3.7.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in NooTheme CitiLights noo-citilights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CitiLights: from n/a through 3.7.2...
CVE-2026-25364 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.8...
CVE-2026-25368 WordPress Calculated Fields Form plugin <= 5.4.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in codepeople Calculated Fields Form calculated-fields-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Calculated Fields Form: from n/a through = 5.4.4.1...
CVE-2026-25363 WordPress FooGallery plugin <= 3.1.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...
CVE-2026-25367
Missing Authorization vulnerability in NooTheme CitiLights noo-citilights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CitiLights: from n/a through 3.7.2...
CVE-2026-25368
Missing Authorization vulnerability in codepeople Calculated Fields Form calculated-fields-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Calculated Fields Form: from n/a through = 5.4.4.1...
CVE-2026-25364
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.8...
CVE-2026-25348
CVE-2026-25348: WordPress plugin Alt Text AI (Download Alt Text AI) versions up to and including 1.10.15 suffer a Missing/Broken Authorization vulnerability due to incorrectly configured access control. This allows exploitation of access control security levels without authentication, enabling un...
CVE-2026-25348 WordPress Download Alt Text AI plugin <= 1.10.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through = 1.10.15...
CVE-2026-25348 WordPress Download Alt Text AI plugin <= 1.10.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through = 1.10.15...
CVE-2026-25338 WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.7.4...
CVE-2026-25338
CVE-2026-25338 concerns the WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS (versions through 2.7.4). Connected sources describe a Broken Access Control / Missing Authorization issue caused by misconfigured access control security levels, potentially enabling unauthorized ac...
CVE-2026-25338
Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.7.4...
CVE-2026-25348
Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through = 1.10.15...