95 matches found
PT-2026-20762
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through = 3.2.8...
WordPress The Events Calendar plugin <= 6.15.12.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin The Events Calendar versions = 6.15.12.2...
CVE-2025-69352 WordPress The Events Calendar plugin <= 6.15.12.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in StellarWP The Events Calendar the-events-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Events Calendar: from n/a through = 6.15.12.2...
PT-2026-1480
Name of the Vulnerable Software and Affected Versions StellarWP The Events Calendar versions through 6.15.12.2 Description A missing authorization issue exists in StellarWP The Events Calendar, allowing exploitation of incorrectly configured access control security levels. Recommendations Update...
CVE-2025-67467
Cross-Site Request Forgery CSRF vulnerability in StellarWP GiveWP give allows Cross Site Request Forgery.This issue affects GiveWP: from n/a through = 4.13.1...
CVE-2025-66533
Improper Control of Generation of Code 'Code Injection' vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through = 4.13.1...
EUVD-2025-201953
Cross-Site Request Forgery CSRF vulnerability in StellarWP GiveWP give allows Cross Site Request Forgery.This issue affects GiveWP: from n/a through = 4.13.1...
EUVD-2025-201954
Improper Control of Generation of Code 'Code Injection' vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through = 4.13.1...
CVE-2025-67467
Cross-Site Request Forgery CSRF vulnerability in StellarWP GiveWP give allows Cross Site Request Forgery.This issue affects GiveWP: from n/a through = 4.13.1...
PT-2025-50078
Improper Control of Generation of Code 'Code Injection' vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through = 4.13.1...
PT-2025-50079
Cross-Site Request Forgery CSRF vulnerability in StellarWP GiveWP give allows Cross Site Request Forgery.This issue affects GiveWP: from n/a through = 4.13.1...
WordPress The Events Calendar plugin <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code Exposure vulnerability
Missing Authorization to Authenticated Subscriber+ Draft Event Title/QR Code Exposure vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin The Events Calendar versions = 6.15.9...
CVE-2025-49906
Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...
CVE-2025-62027
Missing Authorization vulnerability in StellarWP Event Tickets event-tickets.This issue affects Event Tickets: from n/a through = 5.26.3...
EUVD-2025-35381
Missing Authorization vulnerability in StellarWP Event Tickets event-tickets.This issue affects Event Tickets: from n/a through = 5.26.3...
EUVD-2025-35548
Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...
CVE-2025-62027
Missing Authorization vulnerability in StellarWP Event Tickets event-tickets.This issue affects Event Tickets: from n/a through = 5.26.3...
CVE-2025-49906
Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...
PT-2025-43174
Name of the Vulnerable Software and Affected Versions StellarWP WPComplete versions through 2.9.5.3 Description A missing authorization issue exists in StellarWP WPComplete. The issue allows access to functionality that is not properly constrained by Access Control Lists ACLs. Recommendations...
EUVD-2023-51767
Malicious code in bioql PyPI...