21400 matches found
CVE-2026-24529
Missing Authorization vulnerability in Alejandro Quick Restaurant Reservations quick-restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Restaurant Reservations: from n/a through = 1.6.7...
CVE-2026-24529 WordPress Quick Restaurant Reservations plugin <= 1.6.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Alejandro Quick Restaurant Reservations quick-restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Restaurant Reservations: from n/a through = 1.6.7...
CVE-2026-24529 WordPress Quick Restaurant Reservations plugin <= 1.6.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Alejandro Quick Restaurant Reservations quick-restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Restaurant Reservations: from n/a through = 1.6.7...
CVE-2026-24525 WordPress CLP Varnish Cache plugin <= 1.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...
CVE-2026-24525
Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...
CVE-2026-24525 WordPress CLP Varnish Cache plugin <= 1.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...
CVE-2026-24522
Missing Authorization vulnerability in MyThemeShop WP Subscribe wp-subscribe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscribe: from n/a through = 1.2.16...
CVE-2026-24522 WordPress WP Subscribe plugin <= 1.2.16 - Broken Access Control vulnerability
Missing Authorization vulnerability in MyThemeShop WP Subscribe wp-subscribe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscribe: from n/a through = 1.2.16...
CVE-2026-24524
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through = 1.1.35.2...
CVE-2026-24524 WordPress Tablesome plugin <= 1.2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through = 1.2.8...
CVE-2026-24522 WordPress WP Subscribe plugin <= 1.2.16 - Broken Access Control vulnerability
Missing Authorization vulnerability in MyThemeShop WP Subscribe wp-subscribe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscribe: from n/a through = 1.2.16...
CVE-2026-24524
CVE-2026-24524 relates to the WordPress Tablesome plugin (Tablesome) with a missing/incorrectly configured authorization control. Multiple sources indicate affected versions include Tablesome/Essekia Tablesome up to at least 1.2.8 (and estimates up to 1.1.35.2 in other advisories). The issue is d...
CVE-2026-0927 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to arbitrary file uploads due to missing authorization checks in the uploadMedicalReport function in all versions up to, and including, 3.6.15. This makes it possible for unauthenticated attackers to upload...
CVE-2026-0927 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to arbitrary file uploads due to missing authorization checks in the uploadMedicalReport function in all versions up to, and including, 3.6.15. This makes it possible for unauthenticated attackers to upload...
CVE-2026-0927
CVE-2026-0927 affects KiviCare – Clinic & Patient Management System (EHR) WordPress plugin; all versions up to 3.6.15 are vulnerable to arbitrary file uploads due to missing authorization in uploadMedicalReport(). This enables unauthenticated attackers to upload text files or PDFs to the site, po...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the web interface when canceling scheduled auto-merges. An attacker can terminate auto-merges scheduled by other users by leveraging read access to pull requests. Remediation Upgrade...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the web interface when canceling scheduled auto-merges. An attacker can terminate auto-merges scheduled by other users by leveraging read access to pull requests. Remediation Upgrade...
PT-2026-4374
Name of the Vulnerable Software and Affected Versions Essekia Tablesome versions through 1.1.35.2 Description An authorization issue exists in Essekia Tablesome, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update Essekia Tablesome to a versi...
PT-2026-4437
Name of the Vulnerable Software and Affected Versions themebeez Universal Google Adsense and Ads manager versions through 1.1.8 Description An issue exists in themebeez Universal Google Adsense and Ads manager related to incorrectly configured access control security levels, allowing for missing...
PT-2026-4458
Name of the Vulnerable Software and Affected Versions Trusona for WordPress versions through 2.0.0 Description The software contains a missing authorization issue that allows exploitation of incorrectly configured access control security levels. Recommendations Update Trusona for WordPress to a...