CVE-2025-53293 WordPress Dashboard Widget Sidebar plugin <= 1.2.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Morten Dalgaard Johansen Dashboard Widget Sidebar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Dashboard Widget Sidebar: from n/a through 1.2.3...

CVE-2025-53266

CVE-2025-53266: WordPress Cron Logger plugin

CVE-2025-39412

CVE-2025-39412 is a Missing Authorization issue affecting WordPress Master Slider/Master Slider plugin. Public details show: Averta Master Slider affected up to version 3.10.8; Master Slider plugin affected up to 3.11.0 (per Patchstack). Applicable CVSS base metrics indicate low to moderate impac...

WordPress EventPrime plugin < 3.5.0 - Subscriber+ Arbitrary booking settings update vulnerability

Subscriber+ Arbitrary booking settings update vulnerability discovered by caon in WordPress Plugin EventPrime versions 3.5.0...

WordPress Envo Extra plugin <= 1.9.9 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin Envo Extra versions = 1.9.9...

CVE-2025-39457 WordPress Booking and Rental Manager plugin <= 2.2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Booking and Rental Manager: from n/a through 2.2.8...

CVE-2025-32239 WordPress Social Share Buttons & Analytics Plugin plugin <= 4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Joao Romao Social Share Buttons & Analytics Plugin – GetSocial.io allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Social Share Buttons & Analytics Plugin – GetSocial.io: from n/a through 4.5...

CVE-2025-31628 WordPress Sliced Invoices plugin <= 3.10.0 - Insecure Direct Object References (IDOR) vulnerability

Missing Authorization vulnerability in SlicedInvoices Sliced Invoices sliced-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sliced Invoices: from n/a through = 3.10.0...

CVE-2025-22681 WordPress Content Cloner plugin <= 1.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Xfinitysoft Content Cloner super-seo-content-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Content Cloner: from n/a through = 1.0.1...

CVE-2025-24697 WordPress Image Gallery – Responsive Photo Gallery plugin <= 1.0.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Realwebcare Image Gallery – Responsive Photo Gallery awesome-responsive-photo-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Gallery – Responsive Photo Gallery: from n/a through = 1.0.5...

CVE-2025-24571 WordPress WP Fast Total Search plugin <= 1.78.258 - Broken Access Control vulnerability

Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Fast Total Search: from n/a through = 1.78.258...