CVE-2025-10039

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.9 via the 'ehcrmticketsingleviewclient' due to missing validation on a user controlled key. This makes it possible for...

EUVD-2025-27944

Malicious code in bioql PyPI...

CVE-2024-0975

The WordPress Access Control plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.13 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's "Make Website Members Only" feature when unset and view...

WordPress plugin Acerola 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2025-31846 WordPress Theater for WordPress plugin <= 0.18.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theater for WordPress: from n/a through = 0.18.7...

WordPress Plugin WordPress Access Control Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

WordPress WordPress Access Control Plugin <= 4.0.13 is vulnerable to Sensitive Data Exposure

Software WordPress Access Control Type Plugin Vulnerable versions = 4.0.13 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0975 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f6e7407c536 Credits Francesco Carlucci...

PT-2024-15954 · WordPress · Wordpress Access Control

Name of the Vulnerable Software and Affected Versions: WordPress Access Control plugin versions up to, and including, 4.0.13 Description: The WordPress Access Control plugin is vulnerable to Sensitive Information Exposure via the REST API. This allows unauthenticated attackers to bypass the...

WordPress 访问控制错误漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. An Access Control Error vulnerability exists in WordPress Plugins, which stems from The Logo Slider and...