21399 matches found
CVE-2026-24615
CVE-2026-24615 affects Cream Magazine (WordPress theme) up to version 2.1.10. Public docs describe a Missing Authorization vulnerability in cream-magazine that allows exploitation of improperly configured access controls. The Red Hat/RedHat-CVE and CVE databases confirm the issue and indicate the...
CVE-2026-24615 WordPress Cream Magazine theme <= 2.1.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through = 2.1.10...
CVE-2026-24619 WordPress PopCash.Net Code Integration Tool plugin <= 1.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in PopCash PopCash.Net Code Integration Tool popcashnet-code-integration-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PopCash.Net Code Integration Tool: from n/a through = 1.8...
CVE-2026-24616
Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through = 2.2.0.3...
CVE-2026-24615
Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through = 2.1.10...
CVE-2026-24619
Missing Authorization vulnerability in PopCash PopCash.Net Code Integration Tool popcashnet-code-integration-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PopCash.Net Code Integration Tool: from n/a through = 1.8...
CVE-2026-24607
CVE-2026-24607: Travel Monster WordPress theme up to 1.3.3 suffers Missing Authorization (Broken Access Control). The vulnerability affects Travel Monster (WordPress theme) and is currently unpatched according to sources, with advisories indicating to upgrade to a version later than 1.3.3. No exp...
CVE-2026-24607 WordPress Travel Monster theme <= 1.3.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in wptravelengine Travel Monster travel-monster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Monster: from n/a through = 1.3.3...
CVE-2026-24612 WordPress Orchid Store theme <= 1.5.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in themebeez Orchid Store orchid-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Orchid Store: from n/a through = 1.5.15...
CVE-2026-24606
Missing Authorization vulnerability in Web Impian Bayarcash WooCommerce bayarcash-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bayarcash WooCommerce: from n/a through = 4.3.11...
CVE-2026-24606 WordPress Bayarcash WooCommerce plugin <= 4.3.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in Web Impian Bayarcash WooCommerce bayarcash-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bayarcash WooCommerce: from n/a through = 4.3.13...
CVE-2026-24613
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through = 7.0.5...
CVE-2026-24606 WordPress Bayarcash WooCommerce plugin <= 4.3.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in Web Impian Bayarcash WooCommerce bayarcash-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bayarcash WooCommerce: from n/a through = 4.3.13...
CVE-2026-24612 WordPress Orchid Store theme <= 1.5.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in themebeez Orchid Store orchid-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Orchid Store: from n/a through = 1.5.15...
CVE-2026-24607
Missing Authorization vulnerability in wptravelengine Travel Monster travel-monster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Monster: from n/a through = 1.3.3...
CVE-2026-24613 WordPress Ecwid Shopping Cart plugin <= 7.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through = 7.0.6...
CVE-2026-24612
Missing Authorization vulnerability in themebeez Orchid Store orchid-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Orchid Store: from n/a through = 1.5.15...
CVE-2026-24605
CVE-2026-24605 concerns WordPress plugin X Addons for Elementor with versions up to 1.0.23. The Red Hat/NVD entries describe a Missing Authorization vulnerability caused by misconfigured access control security levels, enabling unauthorized access. Public feeds corroborate the affected software a...
CVE-2026-24605
Missing Authorization vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects X Addons for Elementor: from n/a through = 1.0.23...
CVE-2026-24603 WordPress Universal Google Adsense and Ads manager plugin <= 1.1.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in themebeez Universal Google Adsense and Ads manager universal-google-adsense-and-ads-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Universal Google Adsense and Ads manager: from n/a through = 1.1.8...