4 matches found
CVE-2026-1925
The EmailKit – Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the 'updatetemplatedata' function in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with...
EUVD-2025-204651
The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.5. This is due to missing authorization checks on the post update functionality in the fpsmlformprocess AJAX action. This makes it possible for...
CVE-2024-6458
The WooCommerce Product Table Lite plugin for WordPress is vulnerable to unauthorized post title modification due to a missing capability check on the wcptpresetsduplicatepresettotable function in all versions up to, and including, 3.5.1. This makes it possible for authenticated attackers with...
CVE-2024-6824
The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'checktempvalidity' and 'updatetemplatetitle' functions in all versions up to, and including, 4.10.38. This makes it possible for authenticate...