Total
5134 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-48257 | 2025-05-21 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Projectopia Projectopia allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Projectopia: from n/a through 5.1.17. | |||||
| CVE-2025-48242 | 2025-05-21 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in wpWax Legal Pages allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Legal Pages: from n/a through 1.4.5. | |||||
| CVE-2025-39368 | 2025-05-21 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in ed4becky Rootspersona allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rootspersona: from n/a through 3.7.5. | |||||
| CVE-2025-26920 | 2025-05-21 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in PressMaximum Customify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Customify: from n/a through 0.4.8. | |||||
| CVE-2025-39460 | 2025-05-21 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in ThimPress Eduma allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eduma: from n/a through 5.6.4. | |||||
| CVE-2025-26867 | 2025-05-21 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Themes4WP Bulk allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bulk: from n/a through 1.0.11. | |||||
| CVE-2025-39353 | 2025-05-21 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant WordPress: from n/a through 7.0. | |||||
| CVE-2025-39451 | 2025-05-21 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Crocoblock JetBlocks For Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetBlocks For Elementor: from n/a through 1.3.16. | |||||
| CVE-2025-39352 | 2025-05-21 | N/A | 8.2 HIGH | ||
| Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant WordPress: from n/a through 7.0. | |||||
| CVE-2025-39447 | 2025-05-21 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Crocoblock JetElements For Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetElements For Elementor: from n/a through 2.7.4.1. | |||||
| CVE-2025-39373 | 2025-05-21 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in jegtheme JNews.This issue affects JNews: from n/a through 11.6.5. | |||||
| CVE-2025-43838 | 2025-05-21 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in ChoPlugins Custom PC Builder Lite for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom PC Builder Lite for WooCommerce: from n/a through 1.0.1. | |||||
| CVE-2025-39350 | 2025-05-21 | N/A | 8.2 HIGH | ||
| Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0. | |||||
| CVE-2025-39449 | 2025-05-21 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Crocoblock JetWooBuilder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetWooBuilder: from n/a through 2.1.18. | |||||
| CVE-2025-39398 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Themovation Hotel + Bed and Breakfast Booking Calendar Theme | Bellevue.This issue affects Hotel + Bed and Breakfast Booking Calendar Theme | Bellevue: from n/a through 4.2.2. | |||||
| CVE-2025-39454 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Jeroen Peters Name Directory.This issue affects Name Directory: from n/a through 1.30.0. | |||||
| CVE-2025-22287 | 2025-05-21 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Eniture Technology LTL Freight Quotes – FreightQuote Edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – FreightQuote Edition: from n/a through 2.3.11. | |||||
| CVE-2025-39376 | 2025-05-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in QuanticaLabs Car Park Booking System for WordPress.This issue affects Car Park Booking System for WordPress: from n/a through 2.6. | |||||
| CVE-2025-39388 | 2025-05-21 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Solid Plugins AnalyticsWP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AnalyticsWP: from n/a through 2.0.0. | |||||
| CVE-2025-4105 | 2025-05-21 | N/A | 5.4 MEDIUM | ||
| The Splitit plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on several functions in the 'splitIt-flexfields-payment-gateway.php' file in all versions up to, and including, 4.2.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change plugin settings, including changing the environment from sandbox to production and vice versa. | |||||