83594 matches found
CVE-2026-54846
CVE-2026-54846: Unauthenticated Broken Access Control in WordPress plugin Syncee Premium Dropshipping & Wholesale (versions
CVE-2026-54839 WordPress Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups plugin <= 2.0.9 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Trinity Backup Backup, Migrate, Restore, Clone & Schedule Backups = 2.0.9 versions...
CVE-2026-54839
The CVE concerns the WordPress Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups plugin, affected
CVE-2026-54835
CVE-2026-54835 concerns the WordPress plugin Five Star Restaurant Menu (versions
CVE-2026-54833 WordPress Enable CORS plugin <= 2.0.3 - Backdoor vulnerability
Unauthenticated Backdoor in Enable CORS = 2.0.3 versions...
CVE-2026-54832
The CVE-2026-54832 entry affects the WordPress plugin Gutenverse Companion, specifically versions
CVE-2026-54824 WordPress Ads by WPQuads plugin <= 3.0.3 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in Ads by WPQuads = 3.0.3 versions...
EUVD-2026-39784
Unauthenticated Sensitive Data Exposure in Ads by WPQuads = 3.0.3 versions...
CVE-2026-54824
Unauthenticated sensitive data exposure affecting the WordPress Ads by WPQuads plugin ≤ 3.0.3. Affected component: the WPQuads Ads plugin for WordPress. Root cause: unspecified in the provided documents; the vulnerability is described as unauthenticated exposure. Impact: sensitive data exposure w...
CVE-2026-52701
CVE-2026-52701 is an unauthenticated broken access control vulnerability affecting WordPress User Registration plugin versions
CVE-2026-24547
The vulnerability CVE-2026-24547 affects the WordPress SiteGround Email Marketing plugin (versions up to and including 1.7.5). It is described as Unauthenticated Broken Access Control, indicating that an attacker could access restricted functionality or data without authentication. The CVSS v3.1 ...
CVE-2026-24547 WordPress SiteGround Email Marketing plugin <= 1.7.5 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in SiteGround Email Marketing = 1.7.5 versions...
CVE-2025-68075
CVE-2025-68075 describes a Contributor Cross Site Scripting (XSS) vulnerability in the WordPress plugin BNE Testimonials (versions ≤ 2.0.8). The CVSS 3.1 base metrics are provided (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L) with a base score of 6.5 (Medium). Connected sources confirm the affected produ...
CVE-2025-68064 WordPress Goya Core plugin < 1.0.9.4 - Local File Inclusion vulnerability
Contributor Local File Inclusion in Goya Core 1.0.9.4 versions...
CVE-2025-68052 WordPress Eagle Booking plugin <= 1.3.4.3 - Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery CSRF in Eagle Booking = 1.3.4.3 versions...
CVE-2025-64636 WordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Donation Thermometer = 2.2.7 versions...
CVE-2025-63078
The CVE-2025-63078 entry concerns the WordPress plugin “Restaurant Menu by MotoPress” (MotoPress) <= 2.4.11. Affected component is the plugin’s access control mechanism, with root cause described as Broken Access Control. The vulnerability is reported to affect users of the plugin in WordPress...
CVE-2025-63078 WordPress Restaurant Menu by MotoPress plugin <= 2.4.11 - Broken Access Control vulnerability
Subscriber Broken Access Control in Restaurant Menu by MotoPress = 2.4.11 versions...
CVE-2025-63079 WordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability
Contributor Broken Access Control in Live Copy Paste for Elementor = 1.5.3 versions...
WordPress Restaurant Menu by MotoPress plugin <= 2.4.11 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin Restaurant Menu by MotoPress versions = 2.4.11...