Total
4775 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-31729 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in jeffikus WooTumblog allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooTumblog: from n/a through 2.1.4. | |||||
| CVE-2025-31795 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Plugin Devs Shopify to WooCommerce Migration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shopify to WooCommerce Migration: from n/a through 1.3.0. | |||||
| CVE-2025-31896 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in istmoplugins GetBookingsWP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GetBookingsWP: from n/a through 1.1.27. | |||||
| CVE-2025-31909 | 2025-04-07 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in NotFound Apptivo Business Site CRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Apptivo Business Site CRM: from n/a through 5.3. | |||||
| CVE-2025-31739 | 2025-04-07 | N/A | 6.4 MEDIUM | ||
| Missing Authorization vulnerability in Manuel Schmalstieg Minimalistic Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Minimalistic Event Manager: from n/a through 1.1.1. | |||||
| CVE-2025-31858 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in matthewrubin Local Magic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Local Magic: from n/a through 2.6.0. | |||||
| CVE-2025-31746 | 2025-04-07 | N/A | 6.4 MEDIUM | ||
| Missing Authorization vulnerability in Think201 Clients allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clients: from n/a through 1.1.4. | |||||
| CVE-2025-30915 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Small Package Quotes – Worldwide Express Edition: from n/a through 5.2.19. | |||||
| CVE-2025-31736 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in richtexteditor Rich Text Editor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rich Text Editor: from n/a through 1.0.1. | |||||
| CVE-2025-32178 | 2025-04-07 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals: from n/a through 2.18.0. | |||||
| CVE-2025-2075 | 2025-04-07 | N/A | 8.8 HIGH | ||
| The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role() and user_role() functions missing proper capability checks performed through the validate_rest_call() function. This makes it possible for unauthenticated attackers to set the role of arbitrary users to administrator granting full access to the site, though privilege escalation requires an active account on the site so this is considered an authenticated privilege escalation. | |||||
| CVE-2025-32239 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Joao Romao Social Share Buttons & Analytics Plugin – GetSocial.io allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Social Share Buttons & Analytics Plugin – GetSocial.io: from n/a through 4.5. | |||||
| CVE-2025-32219 | 2025-04-07 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Syntactics, Inc. eaSYNC allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects eaSYNC: from n/a through 1.3.19. | |||||
| CVE-2025-32218 | 2025-04-07 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in RealMag777 TableOn – WordPress Posts Table Filterable allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TableOn – WordPress Posts Table Filterable: from n/a through 1.0.4. | |||||
| CVE-2025-32231 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Bookingor Bookingor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bookingor: from n/a through 1.0.6. | |||||
| CVE-2025-32225 | 2025-04-07 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Event Manager WP Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Event Manager: from n/a through 3.1.47. | |||||
| CVE-2025-32258 | 2025-04-07 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in InfoGiants Simple Website Logo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Website Logo: from n/a through 1.1. | |||||
| CVE-2025-32256 | 2025-04-07 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in devsoftbaltic SurveyJS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects SurveyJS: from n/a through 1.12.20. | |||||
| CVE-2025-22285 | 2025-04-07 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Eniture Technology Pallet Packaging for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pallet Packaging for WooCommerce: from n/a through 1.1.15. | |||||
| CVE-2025-32226 | 2025-04-07 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Anzar Ahmed Display product variations dropdown on shop page allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Display product variations dropdown on shop page: from n/a through 1.1.3. | |||||