Total
5241 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-22319 | 2025-01-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare.This issue affects Social Media Share Buttons | MashShare: from n/a through 4.0.47. | |||||
| CVE-2024-56272 | 2025-01-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ThemeSupport Hide Category by User Role for WooCommerce.This issue affects Hide Category by User Role for WooCommerce: from n/a through 2.1.1. | |||||
| CVE-2024-56270 | 2025-01-07 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in SecureSubmit WP SecureSubmit.This issue affects WP SecureSubmit: from n/a through 1.5.16. | |||||
| CVE-2025-22592 | 2025-01-07 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Lenderd 1003 Mortgage Application allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 1003 Mortgage Application: from n/a through 1.87. | |||||
| CVE-2025-22591 | 2025-01-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Lenderd 1003 Mortgage Application allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 1003 Mortgage Application: from n/a through 1.87. | |||||
| CVE-2025-22560 | 2025-01-07 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Saoshyant.1994 Saoshyant Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Saoshyant Page Builder: from n/a through 3.8. | |||||
| CVE-2025-22543 | 2025-01-07 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Beautiful Templates ST Gallery WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ST Gallery WP: from n/a through 1.0.8. | |||||
| CVE-2025-22541 | 2025-01-07 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Etruel Developments LLC WP Delete Post Copies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delete Post Copies: from n/a through 5.5. | |||||
| CVE-2025-22534 | 2025-01-07 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Ella van Durpe Slides & Presentations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slides & Presentations: from n/a through 0.0.39. | |||||
| CVE-2025-22512 | 2025-01-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Sprout Apps Help Scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through 6.5.1. | |||||
| CVE-2024-1649 | 1 Frenify | 1 Categorify | 2025-01-07 | N/A | 4.3 MEDIUM |
| The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxDeleteCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete categories. | |||||
| CVE-2024-1650 | 1 Frenify | 1 Categorify | 2025-01-07 | N/A | 4.3 MEDIUM |
| The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxRenameCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to rename categories. | |||||
| CVE-2024-1652 | 1 Frenify | 1 Categorify | 2025-01-07 | N/A | 4.3 MEDIUM |
| The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxClearCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to clear categories. | |||||
| CVE-2024-1653 | 1 Frenify | 1 Categorify | 2025-01-07 | N/A | 4.3 MEDIUM |
| The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxUpdateFolderPosition in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the folder position of categories as well as update the metadata of other taxonomies. | |||||
| CVE-2024-12711 | 2025-01-07 | N/A | 5.3 MEDIUM | ||
| The RSVP and Event Management plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX functions like bulk_delete_attendees() and bulk_delete_questions() in all versions up to, and including, 2.7.13. This makes it possible for unauthenticated attackers to delete questions and attendees and for authenticated users to update question menu orders. | |||||
| CVE-2025-22304 | 2025-01-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in osamaesh WP Visitor Statistics (Real Time Traffic) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.3. | |||||
| CVE-2025-22302 | 2025-01-07 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Wand WP Wand allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Wand: from n/a through 1.2.5. | |||||
| CVE-2025-22299 | 2025-01-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in spacecodes AI for SEO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI for SEO: from n/a through 1.2.9. | |||||
| CVE-2025-22298 | 2025-01-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Hive Support Hive Support – WordPress Help Desk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support – WordPress Help Desk: from n/a through 1.1.6. | |||||
| CVE-2024-56294 | 2025-01-07 | N/A | 6.4 MEDIUM | ||
| Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through 4.0.7. | |||||