21406 matches found
CVE-2025-68057
Missing Authorization vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hospital Doctor Directory: from n/a through = 1.3.9...
CVE-2025-68039 WordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-backitup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP BackItUp: from n/a through = 2.1.0...
CVE-2025-68039
Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-backitup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP BackItUp: from n/a through = 2.0.0...
CVE-2025-68039
CVE-2025-68039 describes a Missing Authorization vulnerability in WP BackItUp (WordPress plugin) where access control is incorrectly configured. Affected software: WP BackItUp wp-backitup up to and including version 2.0.0. Root cause: broken/insufficient authorization allowing unauthorized action...
CVE-2025-68039 WordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-backitup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP BackItUp: from n/a through = 2.1.0...
CVE-2025-68020
CVE-2025-68020 affects the WANotifier WordPress plugin (versions through 2.7.12). The vulnerability is a Missing Authorization (Broken Access Control) issue in the notifier functionality, due to incorrectly configured access control security levels. This could allow an attacker to exploit the wea...
CVE-2025-68019 WordPress SEO Booster plugin <= 6.1.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in cleverplugins SEO Booster seo-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEO Booster: from n/a through = 6.1.8...
CVE-2025-68019
CVE-2025-68019 affects the WordPress SEO Booster (cleverplugins SEO Booster) up to version 6.1.8. The issue is described as Missing Authorization due to incorrectly configured access control security levels (Broken Access Control). CVSS v3.1: 6.5 (Network attack, low complexity, no privileges req...
CVE-2025-68020 WordPress Notifier plugin <= 2.7.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through = 2.7.13...
CVE-2025-68020
Missing Authorization vulnerability in WANotifier WANotifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WANotifier: from n/a through = 2.7.12...
CVE-2025-68019
Missing Authorization vulnerability in cleverplugins SEO Booster seo-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEO Booster: from n/a through = 6.1.8...
CVE-2025-68019 WordPress SEO Booster plugin <= 6.1.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in cleverplugins SEO Booster seo-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEO Booster: from n/a through = 6.1.8...
CVE-2025-68020 WordPress Notifier plugin <= 2.7.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in WANotifier Notifier notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notifier: from n/a through = 2.7.13...
CVE-2025-68018
CVE-2025-68018 concerns the WordPress plugin ilmosys Order Listener for WooCommerce woc-order-alert (
CVE-2025-68016
CVE-2025-68016 is a missing-authorization vulnerability in the Onepay Payment Gateway For WooCommerce (WordPress plugin) affecting versions up to 1.1.2. The Red Hat and NVD entries describe an issue with incorrectly configured access control, enabling an unauthenticated actor to modify order stat...
CVE-2025-68018 WordPress Order Listener for WooCommerce plugin <= 3.6.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in ilmosys Order Listener for WooCommerce woc-order-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Listener for WooCommerce: from n/a through = 3.6.1...
CVE-2025-68018
Missing Authorization vulnerability in ilmosys Order Listener for WooCommerce woc-order-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Listener for WooCommerce: from n/a through = 3.6.1...
CVE-2025-68018 WordPress Order Listener for WooCommerce plugin <= 3.6.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in StackWC Order Listener for WooCommerce woc-order-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Listener for WooCommerce: from n/a through = 3.6.1...
CVE-2025-68016 WordPress onepay Payment Gateway For WooCommerce plugin <= 1.1.2 - Other Vulnerability Type vulnerability
Missing Authorization vulnerability in Onepay Sri Lanka onepay Payment Gateway For WooCommerce onepay-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onepay Payment Gateway For WooCommerce: from n/a through = 1.1.2...
CVE-2025-68016
Missing Authorization vulnerability in Onepay Sri Lanka onepay Payment Gateway For WooCommerce onepay-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects onepay Payment Gateway For WooCommerce: from n/a through = 1.1.2...