WordPress Surfer Plugin <= 1.6.4.574 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Surfer versions = 1.6.4.574...

CVE-2025-58603 WordPress Surfer Plugin <= 1.6.4.574 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through = 1.6.4.574...

CVE-2025-58603

CVE-2025-58603 : A missing-authorization issue affects the WordPress plugin Surfer (SurferSEO) up to version 1.6.4.574 . The vulnerability arises from incorrectly configured access control enabling unauthorized access to protected functionality. Reported as a WordPress plugin issue and tracked in...

CVE-2023-35037 WordPress Surfer plugin <= 1.3.2.357 - Broken Access Control vulnerability

Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through = 1.3.2.357...

WordPress Surfer Plugin <= 1.5.0.502 is vulnerable to SQL Injection

Software Surfer Type Plugin Vulnerable versions = 1.5.0.502 Fixed in 1.6.0.523 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49299 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID d0e40de8a6d2 Credits Nguyễn Trung Kiên anhchangmutrang Required privile...

WordPress Surfer Plugin <= 1.3.2.357 is vulnerable to Broken Access Control

Software Surfer Type Plugin Vulnerable versions = 1.3.2.357 Fixed in 1.3.3.379 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-35037 Patch priority High CVSS severity High 7.6 Developer Claim ownership PSID fee59b89530e Credits Jonas Höbenreich Required...