Total
5139 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-1733 | 1 Charlestsmith | 1 Word Replacer Pro | 2025-04-18 | N/A | 5.3 MEDIUM |
| The Word Replacer Pro plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the word_replacer_ultra() function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to update arbitrary content on the affected WordPress site. | |||||
| CVE-2022-20572 | 1 Google | 1 Android | 2025-04-18 | N/A | 6.7 MEDIUM |
| In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel | |||||
| CVE-2025-24737 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Mat Bao Corporation WP Helper Premium allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Helper Premium: from n/a through 4.6.1. | |||||
| CVE-2025-24581 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Themefic Instantio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Instantio: from n/a through 3.3.7. | |||||
| CVE-2025-27310 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Radius of Thought Page and Post Lister allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Page and Post Lister: from n/a through 1.2.1. | |||||
| CVE-2025-23773 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in mingocommerce Delete All Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Delete All Posts: from n/a through 1.1.1. | |||||
| CVE-2025-31338 | 2025-04-17 | N/A | N/A | ||
| A missing authorization vulnerability in the retrieve teacher Information function of Wisdom Master Pro versions 5.0 through 5.2 allows remote attackers to obtain partial user data by accessing the API functionality. | |||||
| CVE-2025-24583 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 12 Step Meeting List: from n/a through 3.16.5. | |||||
| CVE-2025-23906 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in wpseek WordPress Dashboard Tweeter allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Dashboard Tweeter: from n/a through 1.3.2. | |||||
| CVE-2025-26968 | 2025-04-17 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in webbernaut Cloak Front End Email allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cloak Front End Email: from n/a through 1.9.5. | |||||
| CVE-2025-23958 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in FADI MED Editor Wysiwyg Background Color allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Editor Wysiwyg Background Color: from n/a through 1.0. | |||||
| CVE-2025-32620 | 2025-04-17 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in fromdoppler Doppler Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Doppler Forms: from n/a through 2.4.5. | |||||
| CVE-2025-39533 | 2025-04-17 | N/A | 8.8 HIGH | ||
| Missing Authorization vulnerability in Starfish Reviews Starfish Review Generation & Marketing allows Privilege Escalation. This issue affects Starfish Review Generation & Marketing: from n/a through 3.1.14. | |||||
| CVE-2025-39457 | 2025-04-17 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in magepeopleteam Booking and Rental Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Booking and Rental Manager: from n/a through 2.2.8. | |||||
| CVE-2025-32593 | 2025-04-17 | N/A | 8.2 HIGH | ||
| Missing Authorization vulnerability in Bytes Technolab Add Product Frontend for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Add Product Frontend for WooCommerce: from n/a through 1.0.6. | |||||
| CVE-2025-39559 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Eivin Landa Bring Fraktguiden for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bring Fraktguiden for WooCommerce: from n/a through 1.11.4. | |||||
| CVE-2025-39532 | 2025-04-17 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in spicethemes Spice Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Spice Blocks: from n/a through 2.0.7.1. | |||||
| CVE-2025-39583 | 2025-04-17 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in berthaai BERTHA AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BERTHA AI: from n/a through 1.12.10.2. | |||||
| CVE-2025-39554 | 2025-04-17 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Elliot Sowersby / RelyWP AI Text to Speech allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AI Text to Speech: from n/a through 3.0.3. | |||||
| CVE-2025-39456 | 2025-04-17 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in iTRON WP Logger allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Logger: from n/a through 2.2. | |||||