Export limit exceeded: 10751 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (7724 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31886 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social proof testimonials and reviews by Repuso: from n/a through <= 5.21. | ||||
| CVE-2025-31872 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Clone any post type: from n/a through <= 3.6. | ||||
| CVE-2025-31866 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Ship Depot ShipDepot for WooCommerce ship-depot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShipDepot for WooCommerce: from n/a through <= 1.2.19. | ||||
| CVE-2025-31846 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theater for WordPress: from n/a through <= 0.18.7. | ||||
| CVE-2025-31729 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in jeffikus WooTumblog woo-tumblog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooTumblog: from n/a through <= 2.1.4. | ||||
| CVE-2025-31603 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Spreadsheets: from n/a through <= 2.3.2. | ||||
| CVE-2024-12413 | 2026-04-15 | 5.3 Medium | ||
| The MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions like 'marketking_delete_team_member', 'marketkingrejectuser', 'marketking_save_profile_settings', and many more in all versions up to, and including, 2.0.00. This makes it possible for unauthenticated attackers to delete users, update settings, approve users, and more. | ||||
| CVE-2025-66136 | 2 Merkulove, Wordpress | 2 Carter For Elementor, Wordpress | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in merkulove Carter for Elementor carter-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Carter for Elementor: from n/a through <= 1.0.2. | ||||
| CVE-2025-66141 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in merkulove Scroller scroller allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scroller: from n/a through <= 2.0.2. | ||||
| CVE-2025-31541 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in TuriTop TuriTop Booking System turitop-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TuriTop Booking System: from n/a through <= 1.0.10. | ||||
| CVE-2025-31539 | 2 Blocksera, Wordpress | 2 Cryptocurrency Widgets Pack, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through <= 2.0.1. | ||||
| CVE-2025-31066 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in themeton Acerola acerola allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Acerola: from n/a through <= 1.6.5. | ||||
| CVE-2025-31012 | 2026-04-15 | N/A | ||
| Missing Authorization vulnerability in Phil Age Gate age-gate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Age Gate: from n/a through <= 3.5.4. | ||||
| CVE-2024-44115 | 2026-04-15 | 4.3 Medium | ||
| The RFC enabled function module allows a low privileged user to add URLs to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces, and nodes. There is low impact on integrity of the application | ||||
| CVE-2024-44113 | 2026-04-15 | 4.3 Medium | ||
| Due to missing authorization checks, SAP Business Warehouse (BEx Analyzer) allows an authenticated attacker to access information over the network which is otherwise restricted. On successful exploitation the attacker can enumerate information causing a limited impact on confidentiality of the application. | ||||
| CVE-2025-30957 | 1 Buddydev | 1 Activity Plus Reloaded For Buddypress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in BuddyDev Activity Plus Reloaded for BuddyPress bp-activity-plus-reloaded allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Activity Plus Reloaded for BuddyPress: from n/a through <= 1.1.2. | ||||
| CVE-2025-66148 | 2 Merkulove, Wordpress | 2 Conformer For Elementor, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in merkulove Conformer for Elementor conformer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conformer for Elementor: from n/a through <= 1.0.7. | ||||
| CVE-2025-66149 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in merkulove UnGrabber ungrabber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UnGrabber: from n/a through <= 3.1.3. | ||||
| CVE-2025-66150 | 1 Wordpress | 1 Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in merkulove Appender appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through <= 1.1.1. | ||||
| CVE-2025-66152 | 2 Merkulove, Wordpress | 2 Criptopayer For Elementor, Wordpress | 2026-04-15 | N/A |
| Missing Authorization vulnerability in merkulove Criptopayer for Elementor criptopayer-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Criptopayer for Elementor: from n/a through <= 1.0.1. | ||||