CVE-2026-24965

The CVE-2026-24965 entry documents a Broken Access Control vulnerability in the WordPress Contest Gallery plugin up to version 28.1.1, caused by missing authorization checks that allow exploitation of access-control misconfigurations in contest-gallery. Affected software: Contest Gallery (WordPre...

CVE-2026-24984

CVE-2026-24984 affects the WordPress Visual Link Preview plugin up to and including version 2.2.9, describing a Missing/Incorrectly Configured Authorization vulnerability that allows access control bypass. The issue, documented in multiple sources, indicates a Broken Access Control risk with CVSS...

EUVD-2026-5247

Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through = 2.2.9...

CVE-2026-24982

CVE-2026-24982 affects the WordPress plugin Spectra Ultimate Add-ons for Gutenberg (Brainstorm Force) up to version 2.19.17. The issue is a missing/incorrectly configured authorization mechanism that enables a broken access control vulnerability, allowing unauthorized access by bypassing security...

CVE-2026-24957

CVE-2026-24957 affects the WordPress plugin Strong Testimonials (WP Chill Strong Testimonials) up to version 3.2.20. The issue is a Missing Authorization / Broken Access Control vulnerability caused by incorrectly configured access control security levels, allowing unauthorized access to certain ...

CVE-2026-24957

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

EUVD-2026-5221

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

CVE-2026-24951 WordPress myCred plugin <= 2.9.7.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through = 2.9.7.3...

CVE-2026-24951 WordPress myCred plugin <= 2.9.7.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through = 2.9.7.3...

CVE-2026-24945

CVE-2026-24945 : WordPress plugin Themefic Ultimate Addons for Contact Form 7 (versions up to and including 3.5.34) suffers a Missing Authorization vulnerability due to incorrectly configured access control security levels . The issue enables unauthorized access by exploiting the missing authoriz...

CVE-2026-24951

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through = 2.9.7.3...

CVE-2026-24947 WordPress LA-Studio Element Kit for Elementor plugin < 1.5.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

CVE-2026-24947 WordPress LA-Studio Element Kit for Elementor plugin < 1.5.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

CVE-2026-24945 WordPress Ultimate Addons for Contact Form 7 plugin <= 3.5.34 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through = 3.5.34...

CVE-2026-24945 WordPress Ultimate Addons for Contact Form 7 plugin <= 3.5.34 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through = 3.5.34...

CVE-2026-24947

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

CVE-2026-24945

Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through = 3.5.34...

EUVD-2026-5190

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through = 2.9.7.3...

EUVD-2026-5217

Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.5.6.3...

CVE-2026-24951

CVE-2026-24951 refers to a Missing Authorization / Broken Access Control in the WordPress myCred plugin, affecting versions up to 2.9.7.3. The root cause is incorrectly configured access control levels. Impact is described as a partial or limited integrity risk with no explicit exploitation detai...