WordPress Message Filter for Contact Form 7 plugin <= 1.6.3 - Missing Authorization to Authenticated (Subscriber+) New Filter Creation vulnerability

Missing Authorization to Authenticated Subscriber+ New Filter Creation vulnerability discovered by Tieu Pham Trong Nhan - TechlabCorp in WordPress Plugin Message Filter for Contact Form 7 versions = 1.6.3...

WordPress Child Theme Creator by Orbisius plugin <= 1.5.5 - Missing Authorization to Authenticated (Subscriber+) Cloud Snippet Update/Delete vulnerability

Missing Authorization to Authenticated Subscriber+ Cloud Snippet Update/Delete vulnerability discovered by Tieu Pham Trong Nhan - TechlabCorp in WordPress Plugin Child Theme Creator versions = 1.5.5...

WordPress Web3 Cryptocurrency Payments by DePay for WooCommerce plugin <= 2.12.17 - Missing Authorization to Information Exposure vulnerability

Missing Authorization to Information Exposure vulnerability discovered by Tieu Pham Trong Nhan - TechlabCorp in WordPress Plugin Web3 Cryptocurrency Payments by DePay for WooCommerce versions = 2.12.17...

PT-2026-6230

Name of the Vulnerable Software and Affected Versions ameliabooking versions through 1.2.38 Description An issue exists in ameliabooking Amelia ameliabooking related to incorrectly configured access control security levels, allowing for missing authorization. The issue allows exploitation of acce...

PT-2026-6245

Name of the Vulnerable Software and Affected Versions Northern Beaches Websites WP Custom Admin Interface versions through 7.41 Description A missing authorization issue exists in the WP Custom Admin Interface, allowing exploitation of incorrectly configured access control security levels...

PT-2026-6221

Name of the Vulnerable Software and Affected Versions myCred versions through 2.9.7.3 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. The issue allows for exploitation of access control. Recommendations Update myCre...

PT-2026-6249

Name of the Vulnerable Software and Affected Versions Nelio Popups versions through 1.3.5 Description An incorrect configuration of access control security levels allows exploitation of missing authorization in Nelio Popups. Recommendations Update Nelio Popups to a version later than 1.3.5...

WordPress plugin WPElemento Importer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

PT-2026-6240

Name of the Vulnerable Software and Affected Versions Iulia Cazan Latest Post Shortcode versions through 14.2.0 Description The Latest Post Shortcode software contains a missing authorization flaw that allows exploitation due to incorrectly configured access control security levels. Recommendatio...

PT-2026-6246

Name of the Vulnerable Software and Affected Versions WP Bannerize Pro versions through 1.11.0 Description The software contains a missing authorization issue due to incorrectly configured access control security levels. This allows for potential exploitation. Recommendations Update WP Bannerize...

PT-2026-6232

Name of the Vulnerable Software and Affected Versions Brecht Visual Link Preview versions through 2.2.9 Description A missing authorization flaw exists in Brecht Visual Link Preview, potentially allowing exploitation due to incorrectly configured access control security levels. Recommendations...

PT-2026-6224

Name of the Vulnerable Software and Affected Versions WP Chill Strong Testimonials versions through 3.2.20 Description A missing authorization issue exists in WP Chill Strong Testimonials, allowing exploitation of incorrectly configured access control security levels. Recommendations Update WP...

WordPress Relevanssi Premium plugin <= 2.25.0 - Missing Authorization to Unauthenticated Query Log Export vulnerability

Missing Authorization to Unauthenticated Query Log Export vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin Relevanssi Premium versions = 2.25.0...

WordPress Paid Membership Subscriptions - Effortless Memberships, Recurring Payments & Content Restriction plugin <= 2.11.1 - Missing Authorization via pms_stripe_connect_handle_authorization_return vulnerability

WordPress Paid Membership Subscriptions - Effortless Memberships, Recurring Payments & Content Restriction plugin = 2.11.1 - Missing Authorization via pmsstripeconnecthandleauthorizationreturn vulnerability discovered by Lucio Sá in WordPress Plugin Paid Member Subscriptions versions = 2.11.1...

WordPress Categorify plugin <= 1.0.7.4 - Missing Authorization in categorifyAjaxRenameCategory vulnerability

Missing Authorization in categorifyAjaxRenameCategory vulnerability discovered by Francesco Carlucci in WordPress Plugin Categorify versions = 1.0.7.4...

WordPress Categorify plugin <= 1.0.7.4 - Missing Authorization in categorifyAjaxClearCategory vulnerability

Missing Authorization in categorifyAjaxClearCategory vulnerability discovered by Francesco Carlucci in WordPress Plugin Categorify versions = 1.0.7.4...

WordPress Tutor LMS - Migration Tool plugin <= 2.2.0 - Missing Authorization in tutor_import_from_xml vulnerability

WordPress Tutor LMS - Migration Tool plugin = 2.2.0 - Missing Authorization in tutorimportfromxml vulnerability discovered by Francesco Carlucci in WordPress Plugin Tutor LMS – Migration Tool versions = 2.2.0...

Missing Authorization

Overview khoj is a Your Second Brain Affected versions of this package are vulnerable to Missing Authorization in the OAuth callback endpoint. An attacker can gain unauthorized access to and manipulate another user's Notion integration by supplying a known UUID in the state parameter, which can b...

WordPress WooCommerce Social Login plugin <= 2.7.3 - Missing Authorization to Unauthenticated Privilege Escalation vulnerability

Missing Authorization to Unauthenticated Privilege Escalation vulnerability discovered by Vu Nguyen maxntv in WordPress Plugin WooCommerce Social Login versions = 2.7.3...

WordPress Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin <= 5.7.17 - Missing Authorization vulnerability

WordPress Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin = 5.7.17 - Missing Authorization vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Email Subscribers & Newsletters versions = 5.7.17...