Export limit exceeded: 10524 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10524 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64630 | 2 Strategy11, Wordpress | 2 Business Directory Plugin, Wordpress | 2026-04-15 | 4.7 Medium |
| Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through <= 6.4.19. | ||||
| CVE-2025-64631 | 2 Wclovers, Wordpress | 2 Wcfm Marketplace, Wordpress | 2026-04-15 | 5 Medium |
| Missing Authorization vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCFM Marketplace: from n/a through <= 3.7.1. | ||||
| CVE-2025-68498 | 2 Crocoblock, Wordpress | 2 Jettabs, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Crocoblock JetTabs jet-tabs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetTabs: from n/a through <= 2.2.12. | ||||
| CVE-2025-55712 | 2 Posimyth, Wordpress | 2 The Plus Addons For Elementor Page Builder Lite, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through <= 6.3.13. | ||||
| CVE-2025-24757 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in AndonDesign uDesign udesign.This issue affects uDesign: from n/a through <= 4.11.2. | ||||
| CVE-2025-68517 | 2 Essekia, Wordpress | 2 Tablesome Table, Wordpress | 2026-04-15 | 8.1 High |
| Missing Authorization vulnerability in Essekia Tablesome tablesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tablesome: from n/a through <= 1.1.35.1. | ||||
| CVE-2025-68523 | 2 Spiffyplugins, Wordpress | 2 Spiffy Calendar, Wordpress | 2026-04-15 | 8.1 High |
| Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spiffy Calendar: from n/a through <= 5.0.7. | ||||
| CVE-2025-57899 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Compress: from n/a through <= 6.50.54. | ||||
| CVE-2025-68572 | 2 Spider-themes, Wordpress | 2 Bbp Core, Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in Spider Themes BBP Core bbp-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BBP Core: from n/a through <= 1.4.1. | ||||
| CVE-2025-5805 | 2 Ninetheme, Wordpress | 2 Electron, Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in Ninetheme Electron electron allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Electron: from n/a through <= 1.8.2. | ||||
| CVE-2023-48775 | 2026-04-15 | 5.3 Medium | ||
| Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cleanfix: from n/a through 5.6.2. | ||||
| CVE-2025-66005 | 1 Shadowblip | 1 Inputplumber | 2026-04-15 | N/A |
| Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session. | ||||
| CVE-2025-68591 | 2 Mitchell Bennis, Wordpress | 2 Simple File List, Wordpress | 2026-04-15 | 8.1 High |
| Missing Authorization vulnerability in Mitchell Bennis Simple File List simple-file-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple File List: from n/a through <= 6.1.18. | ||||
| CVE-2025-68596 | 2 Bitapps, Wordpress | 2 Bit Assist, Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in Bit Apps Bit Assist bit-assist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bit Assist: from n/a through <= 1.5.11. | ||||
| CVE-2024-6599 | 2 Mekshq, Wordpress | 2 Meks Video Importer, Wordpress | 2026-04-15 | 4.3 Medium |
| The Meks Video Importer plugin for WordPress is vulnerable to unauthorized API key modification due to a missing capability check on the ajax_save_settings function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the plugin's API keys. CVE-2024-38733 may be a duplicate of this issue. | ||||
| CVE-2023-50850 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in Woo WooCommerce Subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Subscriptions: from n/a before 5.8.0. | ||||
| CVE-2025-58600 | 2 Cozmoslabs, Wordpress | 2 Paid Member Subscriptions, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Paid Member Subscriptions: from n/a through <= 2.15.9. | ||||
| CVE-2025-58601 | 2 Radiustheme, Wordpress | 2 Classified Listing, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in RadiusTheme Classified Listing classified-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Classified Listing: from n/a through <= 5.0.6. | ||||
| CVE-2025-66054 | 2 Thimpress, Wordpress | 2 Learnpress, Wordpress | 2026-04-15 | 7.5 High |
| Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through <= 4.2.9.4. | ||||
| CVE-2025-66133 | 2 Wordpress, Wp Legal Pages | 2 Wordpress, Wp Cookie Notice | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through <= 4.0.7. | ||||