CVE-2025-15656

CVE-2025-15656 is an Incorrect Privilege Assignment vulnerability affecting the WordPress School Management plugin (the CVE entry and related records list affected scope as WordPress School Management up to version 93.2.0). The underlying issue is privilege escalation via improper privilege assig...

CVE-2026-25334

Incorrect Privilege Assignment vulnerability in wordpresschef Salon Booking System Pro salon-booking-plugin-pro allows Privilege Escalation.This issue affects Salon Booking System Pro: from n/a through 10.30.12...

CVE-2026-32519

Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege Escalation.This issue affects Bit SMTP: from n/a through = 1.2.2...

CVE-2025-67966 WordPress Lawyer Directory plugin <= 1.3.3 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in e-plugins Lawyer Directory lawyer-directory allows Privilege Escalation.This issue affects Lawyer Directory: from n/a through = 1.3.3...

CVE-2025-31643

CVE-2025-31643 affects Dasinfomedia WPCHURCH up to version 2.7.0. The issue is described as an Incorrect Privilege Assignment that enables Privilege Escalation (high severity CVSS 3.1: 8.8; network, low attack complexity, low privileges required, no user interaction). Public exploit details are n...

CVE-2025-49900

CVE-2025-49900 describes an Incorrect Privilege Assignment in the WordPress plugin Advanced Scrollbar (Advanced Scrollbar – Custom Scrollbar Styling and Behavior) , enabling Privilege Escalation for authenticated users (Subscriber+). Affected range is “from n/a through

CVE-2025-53425

Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escalation.This issue affects Dokan: from n/a through = 4.1.3...

CVE-2025-49924 WordPress Wholesale Suite plugin <= 2.2.4.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.4.2...

EUVD-2025-28149

Malicious code in bioql PyPI...

CVE-2025-49388

CVE-2025-49388 affects WordPress Miraculous Core Plugin up to version 2.0.7, where an Incorrect Privilege Assignment allows Privilege Escalation. The CVE details indicate the vulnerability originates from the plugin’s privilege assignment logic, impacting all affected builds (n/a–2.0.7) with high...

CVE-2025-47539

Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation. This issue affects Eventin: from n/a through 4.0.26...

WordPress plugin Checkout Mestres WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Registration role prior to version 2.0.1, which stems from the inclusion of a privilege assignment error vulnerability...

WordPress plugin SSL Wireless SMS Notification 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress plugin WPLMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Honor MagicOS 安全漏洞

Honor MagicOS is a mobile device operating system from Chinese company Honor Honor. A security vulnerability exists in Honor MagicOS version 8.0.1.112, which stems from the presence of a privilege assignment error and can be successfully exploited to cause a device service exception...

Honor MagicOS 安全漏洞

Honor MagicOS is a mobile device operating system by Chinese company Honor Honor. A security vulnerability exists in Honor MagicOS version 8.0.0.157, which stems from a privilege assignment error and can be successfully exploited to cause a device service exception...

Honor MagicOS 安全漏洞

Honor MagicOS is a mobile device operating system from Chinese company Honor Honor. A security vulnerability exists in Honor MagicOS version 8.0.0.64, which stems from the presence of a privilege assignment error, and successful exploitation may result in a device service exception...

Trend Micro Deep Security 安全漏洞

Trend Micro Deep Security is a server deep security protection system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security that stems from the inclusion of a privilege assignment error vulnerability that could allow a local attacker to elevate the privileges of an...

Siemens SINEC NMS Privilege Assignment Error Vulnerability

SINEC NMS is a new generation network management system for digital enterprises. The system enables centralized monitoring, management and configuration of the network. A privilege assignment error vulnerability exists in Siemens SINEC NMS, which can be exploited by an attacker to write arbitrary...