Export limit exceeded: 21427 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10479 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10479 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62072 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Rustaurius Front End Users front-end-only-users.This issue affects Front End Users: from n/a through <= 3.2.33. | ||||
| CVE-2025-22686 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in WesternDeal CF7 Google Sheets Connector cf7-google-sheets-connector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Google Sheets Connector: from n/a through <= 5.0.17. | ||||
| CVE-2025-62079 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Damian WP Export Categories & Taxonomies wp-export-categories-taxonomies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Export Categories & Taxonomies: from n/a through <= 1.0.3. | ||||
| CVE-2025-62092 | 2 Wiremo, Wordpress | 2 Wiremo, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Wiremo Wiremo woo-reviews-by-wiremo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wiremo: from n/a through <= 1.4.99. | ||||
| CVE-2025-62098 | 2 Totalsoft, Wordpress | 2 Portfolio Gallery, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in totalsoft Portfolio Gallery gallery-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through <= 1.4.8. | ||||
| CVE-2025-62099 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in approveme Signature Add-On for Gravity Forms gravity-signature-forms-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Signature Add-On for Gravity Forms: from n/a through <= 1.8.6. | ||||
| CVE-2025-49888 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in pimwick PW WooCommerce On Sale! pw-woocommerce-on-sale allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PW WooCommerce On Sale!: from n/a through <= 1.39. | ||||
| CVE-2022-44578 | 2 Pierre-jehan, Wordpress | 2 Owl Carousel, Wordpress | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Pierre JEHAN Owl Carousel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Owl Carousel: from n/a through 0.5.3. | ||||
| CVE-2024-49581 | 1 Palantir | 1 Foundry | 2026-04-15 | 6.5 Medium |
| Restricted Views backed objects (OSV1) could be bypassed under specific circumstances due to a software bug, this could have allowed users that didn't have permission to see such objects to view them via Object Explorer directly. This software bug did not impact or otherwise make data available across organizational boundaries nor did it allow for data to be viewed or accessed by unauthenticated users. The affected service have been patched and automatically deployed to all Apollo-managed Foundry instances. | ||||
| CVE-2025-62129 | 2 Magnigenie, Wordpress | 2 Restropress, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Magnigenie RestroPress restropress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RestroPress: from n/a through <= 3.2.7. | ||||
| CVE-2025-8595 | 2 Themegrill, Wordpress | 2 Zakra, Wordpress | 2026-04-15 | 4.3 Medium |
| The Zakra theme for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the welcome_notice_import_handler() function in all versions up to, and including, 4.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import demo settings. | ||||
| CVE-2025-68981 | 3 Designthemes, Elementor, Wordpress | 3 Homefix Elementor Portfolio, Elementor, Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in designthemes HomeFix Elementor Portfolio homefix-ele-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HomeFix Elementor Portfolio: from n/a through <= 1.0.1. | ||||
| CVE-2025-68976 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in Eagle-Themes Eagle Booking eagle-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eagle Booking: from n/a through <= 1.3.4.3. | ||||
| CVE-2024-10390 | 2026-04-15 | 6.4 Medium | ||
| The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2024-50421 | 1 Wpovernight | 1 Woocommerce Pdf Invoices\& Packing Slips | 2026-04-15 | N/A |
| Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through <= 3.8.6. | ||||
| CVE-2024-50422 | 1 Cloudways | 1 Breeze | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through <= 2.1.14. | ||||
| CVE-2025-12149 | 1 Search-guard | 1 Search Guard | 2026-04-15 | N/A |
| In Search Guard FLX versions 3.1.2 and earlier, while Document-Level Security (DLS) is correctly enforced elsewhere, when the search is triggered from a Signals watch, the DLS rule is not enforced, allowing access to all documents in the queried indices. | ||||
| CVE-2024-50423 | 2 Templately, Wordpress | 2 Templately, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in WPDeveloper Templately templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from n/a through <= 3.1.5. | ||||
| CVE-2025-48326 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Acclectic Media Acclectic Media Organizer acclectic-media-organizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Acclectic Media Organizer: from n/a through <= 1.4. | ||||
| CVE-2024-50424 | 2 Templately, Wordpress | 2 Templately, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in WPDeveloper Templately templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from n/a through <= 3.1.5. | ||||