CVE-2025-31768 WordPress Widget Manager Light plugin <= 1.18 - Broken Access Control vulnerability

Missing Authorization vulnerability in OTWthemes Widget Manager Light allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Widget Manager Light: from n/a through 1.18...

CVE-2025-31768

CVE-2025-31768 concerns the WordPress plugin Widget Manager Light (OTWthemes). The vulnerability is described as a Missing Authorization issue that allows accessing functionality not properly constrained by ACLs. Affected versions are Widget Manager Light up to and including 1.18 (n/a through

PT-2025-14734 · Otwthemes · Otwthemes Widget Manager Light

Name of the Vulnerable Software and Affected Versions: OTWthemes Widget Manager Light versions 1.18 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For OTWthemes Widget...

CVE-2024-24930

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OTWthemes.Com Buttons Shortcode and Widget allows Stored XSS.This issue affects Buttons Shortcode and Widget: from n/a through 1.16...