CVE-2026-24636 WordPress Sugar Calendar (Lite) plugin <= 3.9.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Syed Balkhi Sugar Calendar Lite sugar-calendar-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sugar Calendar Lite: from n/a through = 3.9.1...

CVE-2026-24636

CVE-2026-24636 describes a Missing Authorization vulnerability in Sugar Calendar (Lite) plugin for WordPress. The issue affects Sugar Calendar (Lite) versions up to and including 3.10.1 and is categorized as broken/incorrect access control (Missing Authorization). Public sources in the connected ...

CVE-2026-24636

Missing Authorization vulnerability in Syed Balkhi Sugar Calendar Lite sugar-calendar-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sugar Calendar Lite: from n/a through = 3.10.1...

CVE-2026-24633

Missing Authorization vulnerability in Passionate Brains Add Expires Headers & Optimized Minify add-expires-headers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Add Expires Headers & Optimized Minify: from n/a through = 3.1.0...

CVE-2026-24633

CVE-2026-24633 concerns a Missing Authorization issue in Passionate Brains Add Expires Headers & Optimized Minify (plugin), affecting versions up to and including 3.1.0. Red Hat and CVE records corroborate the missing authorization/configuration risk. The PT-2026-4463 advisory explicitly recommen...

CVE-2026-24625 WordPress File Uploads Addon for WooCommerce plugin <= 1.7.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...

CVE-2026-24625

Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...

CVE-2026-24627 WordPress Trusona for WordPress plugin <= 2.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Trusona Trusona for WordPress trusona allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trusona for WordPress: from n/a through = 2.0.0...

CVE-2026-24625 WordPress File Uploads Addon for WooCommerce plugin <= 1.7.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...

CVE-2026-24625

CVE-2026-24625 describes a Missing Authorization flaw in Imaginate Solutions File Uploads Addon for WooCommerce (woo-addon-uploads) affecting versions up to and including 1.7.3. Public records from NVD/Red Hat/CVE listing confirm the issue is a broken access control vulnerability with a stated im...

CVE-2026-24627

CVE-2026-24627: WordPress Trusona plugin evidence shows a Missing Authorization vulnerability in Trusona for WordPress (

CVE-2026-24627 WordPress Trusona for WordPress plugin <= 2.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Trusona Trusona for WordPress trusona allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trusona for WordPress: from n/a through = 2.0.0...

CVE-2026-24627

Missing Authorization vulnerability in Trusona Trusona for WordPress trusona allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trusona for WordPress: from n/a through = 2.0.0...

CVE-2026-24622 WordPress Suggestion Toolkit plugin <= 5.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sergiy Dzysyak Suggestion Toolkit suggestion-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Suggestion Toolkit: from n/a through = 5.0...

CVE-2026-24622 WordPress Suggestion Toolkit plugin <= 5.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sergiy Dzysyak Suggestion Toolkit suggestion-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Suggestion Toolkit: from n/a through = 5.0...

CVE-2026-24622

Missing Authorization vulnerability in Sergiy Dzysyak Suggestion Toolkit suggestion-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Suggestion Toolkit: from n/a through = 5.0...

CVE-2026-24622

CVE-2026-24622 is a Missing Authorization vulnerability in the WordPress plugin “Suggestion Toolkit” (suggestion-toolkit) affecting versions up to and including 5.0. The issue allows exploitation of incorrectly configured access control, enabling unauthorized access due to missing authorization c...

CVE-2026-24616 WordPress WP Popups plugin <= 2.2.0.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through = 2.2.0.5...

CVE-2026-24615 WordPress Cream Magazine theme <= 2.1.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through = 2.1.10...

CVE-2026-24615

CVE-2026-24615 affects Cream Magazine (WordPress theme) up to version 2.1.10. Public docs describe a Missing Authorization vulnerability in cream-magazine that allows exploitation of improperly configured access controls. The Red Hat/RedHat-CVE and CVE databases confirm the issue and indicate the...