21399 matches found
CVE-2026-24588 WordPress Smart Product Viewer plugin <= 1.5.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in topdevs Smart Product Viewer smart-product-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Product Viewer: from n/a through = 1.5.4...
CVE-2026-24588
CVE-2026-24588 is a missing authorization/broken access control vulnerability in the WordPress plugin Smart Product Viewer (versions
CVE-2026-24580
Affects Ecwid Shopping Cart (WordPress plugin) up to version 7.0.5. The issue is a Missing/Incorrectly Configured Authorization that enables broken access control, potentially allowing unauthorized access to certain functions or data. Public sources in the connected docs confirm the vulnerability...
CVE-2026-24585 WordPress Hyyan WooCommerce Polylang Integration plugin <= 1.5.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Hyyan Abo Fakher Hyyan WooCommerce Polylang Integration woo-poly-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hyyan WooCommerce Polylang Integration: from n/a through = 1.5.0...
CVE-2026-24585 WordPress Hyyan WooCommerce Polylang Integration plugin <= 1.5.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Hyyan Abo Fakher Hyyan WooCommerce Polylang Integration woo-poly-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hyyan WooCommerce Polylang Integration: from n/a through = 1.5.0...
CVE-2026-24581 WordPress Points and Rewards for WooCommerce plugin <= 2.9.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through = 2.9.5...
CVE-2026-24585
Missing Authorization vulnerability in Hyyan Abo Fakher Hyyan WooCommerce Polylang Integration woo-poly-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hyyan WooCommerce Polylang Integration: from n/a through = 1.5.0...
CVE-2026-24581
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through = 2.9.5...
CVE-2026-24583 WordPress SumUp Payment Gateway For WooCommerce plugin <= 2.7.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SumUp Payment Gateway For WooCommerce: from n/a through = 2.7.9...
CVE-2026-24580 WordPress Ecwid Shopping Cart plugin <= 7.0.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through = 7.0.5...
CVE-2026-24583
Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SumUp Payment Gateway For WooCommerce: from n/a through = 2.7.9...
CVE-2026-24585
CVE-2026-24585 affects the WordPress plugin Hyyan WooCommerce Polylang Integration (woo-poly-integration) up to 1.5.0. The issue is Missing Authorization / Broken Access Control, enabling exploitation due to incorrectly configured access control security levels. Public documentation confirms affe...
CVE-2026-24580
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through = 7.0.5...
CVE-2026-24581 WordPress Points and Rewards for WooCommerce plugin <= 2.9.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through = 2.9.5...
CVE-2026-24583
CVE-2026-24583 is a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin SumUp Payment Gateway For WooCommerce, affecting versions through 2.7.9. The issue stems from incorrectly configured access control security levels, enabling unauthorized access to certain oper...
CVE-2026-24580 WordPress Ecwid Shopping Cart plugin <= 7.0.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through = 7.0.5...
CVE-2026-24579 WordPress Ai Image Alt Text Generator for WP plugin <= 1.1.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through = 1.1.9...
CVE-2026-24578 WordPress Admin login URL Change plugin <= 1.1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jahid Hasan Admin login URL Change admin-login-url-change allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin login URL Change: from n/a through = 1.1.5...
CVE-2026-24579
Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through = 1.1.9...
CVE-2026-24579
CVE-2026-24579 is a missing/ broken authorization vulnerability in the WordPress plugin Ai Image Alt Text Generator for WP (versions up to and including 1.1.9). Public sources in the Connected documents describe this as an access-control flaw that allows exploitation due to misconfigured access l...