CVE-2026-49060 WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4...

CVE-2026-21025

Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information...

CVE-2026-21025

Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information...

CVE-2025-15656

CVE-2025-15656 is an Incorrect Privilege Assignment vulnerability affecting the WordPress School Management plugin (the CVE entry and related records list affected scope as WordPress School Management up to version 93.2.0). The underlying issue is privilege escalation via improper privilege assig...

CVE-2026-25334

Incorrect Privilege Assignment vulnerability in wordpresschef Salon Booking System Pro salon-booking-plugin-pro allows Privilege Escalation.This issue affects Salon Booking System Pro: from n/a through 10.30.12...

CVE-2026-32519

Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege Escalation.This issue affects Bit SMTP: from n/a through = 1.2.2...

CVE-2025-67966 WordPress Lawyer Directory plugin <= 1.3.3 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in e-plugins Lawyer Directory lawyer-directory allows Privilege Escalation.This issue affects Lawyer Directory: from n/a through = 1.3.3...

CVE-2025-31643

CVE-2025-31643 affects Dasinfomedia WPCHURCH up to version 2.7.0. The issue is described as an Incorrect Privilege Assignment that enables Privilege Escalation (high severity CVSS 3.1: 8.8; network, low attack complexity, low privileges required, no user interaction). Public exploit details are n...

CVE-2025-49900

CVE-2025-49900 describes an Incorrect Privilege Assignment in the WordPress plugin Advanced Scrollbar (Advanced Scrollbar – Custom Scrollbar Styling and Behavior) , enabling Privilege Escalation for authenticated users (Subscriber+). Affected range is “from n/a through

CVE-2025-53425

Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escalation.This issue affects Dokan: from n/a through = 4.1.3...

CVE-2025-49924 WordPress Wholesale Suite plugin <= 2.2.4.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.4.2...

EUVD-2025-28149

Malicious code in bioql PyPI...

CVE-2025-49388

CVE-2025-49388 affects WordPress Miraculous Core Plugin up to version 2.0.7, where an Incorrect Privilege Assignment allows Privilege Escalation. The CVE details indicate the vulnerability originates from the plugin’s privilege assignment logic, impacting all affected builds (n/a–2.0.7) with high...

The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R microprogrammable router software allows attackers to increase their privileges.

The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R microprogrammed router software is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

CVE-2025-47539

Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation. This issue affects Eventin: from n/a through 4.0.26...

WordPress plugin Checkout Mestres WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Registration role prior to version 2.0.1, which stems from the inclusion of a privilege assignment error vulnerability...

WordPress plugin SSL Wireless SMS Notification 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress plugin WPLMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Honor MagicOS 安全漏洞

Honor MagicOS is a mobile device operating system by Chinese company Honor Honor. A security vulnerability exists in Honor MagicOS version 8.0.0.157, which stems from a privilege assignment error and can be successfully exploited to cause a device service exception...