CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through = 2.9.4.2...

4.3CVSS5.9AI score0.00168EPSS

Exploits0References1

NVD•added 2025/06/17 3:15 p.m.•3 views

CVE-2025-49872

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects myCred: from n/a through = 2.9.4.2...

5.3CVSS0.00229EPSS

Exploits0References1

CVE•added 2025/06/17 3:1 p.m.•12 views

CVE-2025-49857

CVE-2025-49857 concerns the WordPress plugin myCred (WP plugin) with versions up to and including 2.9.4.2. The initial description and connected Red Hat/RedTeam-style sources indicate a Missing Authorization / Broken Access Control vulnerability, arising from incorrectly configured access control...

4.3CVSS5.9AI score0.00168EPSS

Exploits0References1

Cvelist•added 2025/06/17 3:1 p.m.•9 views

CVE-2025-49872 WordPress myCred plugin <= 2.9.4.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects myCred: from n/a through = 2.9.4.2...

5.3CVSS0.00229EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:36 a.m.•5 views

CVE-2023-35038

Cross-Site Request Forgery CSRF vulnerability in wpexperts.Io WP PDF Generator plugin = 1.2.2 versions...

8.8CVSS7.1AI score0.00068EPSS

Exploits0

RedhatCVE•added 2025/04/25 6:8 p.m.•3 views

CVE-2025-32522

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal License Manager for WooCommerce license-manager-for-woocommerce allows Reflected XSS.This issue affects License Manager for WooCommerce: from n/a through = 3.0.9...

7.1CVSS7.2AI score0.00669EPSS

Exploits0References1

NVD•added 2025/04/17 4:15 p.m.•2 views

CVE-2025-32522

7.1CVSS0.00669EPSS

Exploits0References1

Cvelist•added 2025/04/17 3:47 p.m.•10 views

CVE-2025-32522 WordPress License Manager for WooCommerce plugin <= 3.0.9 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00669EPSS

Exploits0References1

RedhatCVE•added 2025/04/03 4:28 p.m.•5 views

CVE-2025-31888

Cross-Site Request Forgery CSRF vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows Cross Site Request Forgery.This issue affects WP Multistore Locator: from n/a through = 2.5.2...

4.3CVSS5.9AI score0.00287EPSS

Exploits0References1

NVD•added 2025/04/01 3:16 p.m.•9 views

CVE-2025-31888

4.3CVSS0.00287EPSS

Exploits0References1

NVD•added 2025/02/25 3:15 p.m.•2 views

CVE-2025-26974

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows Blind SQL Injection.This issue affects WP Multistore Locator: from n/a through = 2.5.1...

9.3CVSS0.00052EPSS

Exploits0References1

Cvelist•added 2025/02/25 2:17 p.m.•8 views

CVE-2025-26974 WordPress WP Multi Store Locator plugin <= 2.5.1 - SQL Injection vulnerability

9.3CVSS0.00052EPSS

Exploits0References1

Vulnrichment•added 2025/02/25 2:17 p.m.•4 views

CVE-2025-26974 WordPress WP Multi Store Locator plugin <= 2.5.1 - SQL Injection vulnerability

9.3CVSS8.9AI score0.00052EPSS

Exploits0References1

Wordfence Blog•added 2024/01/10 4:1 p.m.•39 views

Type Juggling Leads to Two Vulnerabilities in POST SMTP Mailer WordPress Plugin

On December 14th, 2023, during our Bug Bounty Program Holiday Bug Extravaganza, we received a submission for an Authorization Bypass vulnerability in POST SMTP Mailer, a WordPress plugin with over 300,000+ active installations. This vulnerability makes it possible for unauthenticated threat actor...

7.5CVSS7.3AI score0.93684EPSS

Exploits7

NVD•added 2023/07/17 2:15 p.m.•10 views

CVE-2023-35038

Cross-Site Request Forgery CSRF vulnerability in wpexperts.Io WP PDF Generator plugin = 1.2.2 versions...

8.8CVSS0.00068EPSS

Exploits0References1